mirror of
https://github.com/openssl/openssl.git
synced 2024-12-15 06:01:37 +08:00
aa6bd216dd
It can be useful to know what group was used for the handshake's key exchange process even on non-TLS 1.3 connections. Allow this API, new in OpenSSL 3.0.0, to be used on other TLS versions as well. Since pre-TLS-1.3 key exchange occurs only on full handshakes, this necessitates adding a field to the SSL_SESSION object to carry the group information across resumptions. The key exchange group in the SSL_SESSION can also be relevant in TLS 1.3 when the resumption handshake uses the "psk_ke" key-exchange mode, so also track whether a fresh key exchange was done for TLS 1.3. Since the new field is optional in the ASN.1 sense, there is no need to increment SSL_SESSION_ASN1_VERSION (which incurs strong incompatibility churn). Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14750) |
||
|---|---|---|
| .. | ||
| record | ||
| statem | ||
| bio_ssl.c | ||
| build.info | ||
| d1_lib.c | ||
| d1_msg.c | ||
| d1_srtp.c | ||
| ktls.c | ||
| methods.c | ||
| pqueue.c | ||
| s3_cbc.c | ||
| s3_enc.c | ||
| s3_lib.c | ||
| s3_msg.c | ||
| ssl_asn1.c | ||
| ssl_cert_table.h | ||
| ssl_cert.c | ||
| ssl_ciph.c | ||
| ssl_conf.c | ||
| ssl_err_legacy.c | ||
| ssl_err.c | ||
| ssl_init.c | ||
| ssl_lib.c | ||
| ssl_local.h | ||
| ssl_mcnf.c | ||
| ssl_rsa_legacy.c | ||
| ssl_rsa.c | ||
| ssl_sess.c | ||
| ssl_stat.c | ||
| ssl_txt.c | ||
| ssl_utst.c | ||
| sslerr.h | ||
| t1_enc.c | ||
| t1_lib.c | ||
| t1_trce.c | ||
| tls13_enc.c | ||
| tls_depr.c | ||
| tls_srp.c | ||