Fix several issues with tls-boringssl.c.
An earlier CL added IPPS support via BoringSSL, but the change had many
issues. This fixes the following:
- random() with srandom(time(NULL)) is not an acceptable source of
entropy for a cryptographic library. Fortunately, BoringSSL ignores
calls to RAND_seed anyway, so delete it all.
- ERR_error_string(NULL) is not thread-safe. (We've really got to get
rid of that function, but there are a lot of callers to clear
through.) Use ERR_error_string_n with a local buffer.
- Using the version-specific APIs disables TLS 1.2. Instead, use
TLS_method (client and server distinctions on methods are ignored in
BoringSSL), and configure the minimum protocol version accordingly.
- SSL 3.0 is gone. Ignore _HTTP_TLS_ALLOW_SSL3 altogether. The old code
called SSLv3_*_method() which always fail in BoringSSL and, were they
not to fail, would have disabled all secure versions of TLS!
- The SSL_set_tlsext_host_name call was guarded by a
HAVE_SSL_SET_TLSEXT_HOST_NAME, but config.h was not updated. Remove
- Server support was not added, so make the operation actually fail.
Remove the commented out code (which wouldn't work as calling
SSL_CTX_* functions after SSL_new doesn't do anything).
- The code to call SSL_connect vs SSL_accept had a typo and only called
SSL_accept. In case someone wants server support in the future, use
the generic SSL_do_handshake which is equivalent, provided the caller
This also cleans a couple things up:
- SSL_load_error_strings is a no-op in BoringSSL. SSL_library_init is
also a no-op on Android, but there do exist configuations where it is
not, so I've left it in.
- SSL_write returns int, not ssize_t. The casts are unnecessary.
- Extracting the SSL_CTX from the SSL to free it is weird. One can just
free it earlier. The SSL owns a reference to the SSL_CTX and will
do the rest for you.
- Delete some unused functions whose comments even still say "gnutls" on
IMPORTANT: This does NOT fix the following:
- This file does not verify peer certificates at all. This means any
network attacker could use a different certificate and break the
connection anyway. I do not know how printer certificates are
typically checked or how Android's trust store is set up, so someone
with more domain knowledge may need to help out here. (Are printer
certs typically checked at all?  suggests yes, amazingly.)
Test: mma. Additionally tested by Mopria folks. See review comments.
1 file changed