Do not send unsolicited SCTs in TLS 1.3. The draft 18 implementation did not compute scts_requested correctly. As a result, it always believed SCTs were requested. Fix this and add tests for unsolicited OCSP responses and SCTs at all versions. Thanks to Daniel Hirche for the report. Change-Id: Ifc59c5c4d7edba5703fa485c6c7a4055b15954b4 Reviewed-on: https://boringssl-review.googlesource.com/12305 Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

commit: 53210cb48e57f940788ca919951defe331f708bc [log] [tgz]
author: David Benjamin <davidben@google.com> Wed Nov 16 09:01:48 2016 +0900
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Wed Nov 16 00:20:09 2016 +0000
tree: 65f319ca59547d3a7ee93bef09ed62c49bb351ae
parent: ea80f9d5df4c302de391e999395e1c87f9c786b3 [diff] [blame]
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index c318a9b..08c5db0 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c

@@ -1397,8 +1397,16 @@
 
 static int ext_sct_parse_clienthello(SSL *ssl, uint8_t *out_alert,
                                      CBS *contents) {
+  if (contents == NULL) {
+    return 1;
+  }
+
+  if (CBS_len(contents) != 0) {
+    return 0;
+  }
+
   ssl->s3->hs->scts_requested = 1;
-  return contents == NULL || CBS_len(contents) == 0;
+  return 1;
 }
 
 static int ext_sct_add_serverhello(SSL *ssl, CBB *out) {
commit	53210cb48e57f940788ca919951defe331f708bc	[log] [tgz]
author	David Benjamin <davidben@google.com>	Wed Nov 16 09:01:48 2016 +0900
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	Wed Nov 16 00:20:09 2016 +0000
tree	65f319ca59547d3a7ee93bef09ed62c49bb351ae
parent	ea80f9d5df4c302de391e999395e1c87f9c786b3 [diff] [blame]