mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-27 05:21:51 +08:00
Code Issues Packages Projects Releases Wiki Activity
a2b97bdf3d
openssl/ssl
History
Matt Caswell a2b97bdf3d Don't do version neg on an HRR 
Previously if a client received an HRR then we would do version negotiation
immediately - because we know we are going to get TLSv1.3. However this
causes a problem when we emit the 2nd ClientHello because we start changing
a whole load of stuff to ommit things that aren't relevant for < TLSv1.3.
The spec requires that the 2nd ClientHello is the same except for changes
required from the HRR. Therefore the simplest thing to do is to defer the
version negotiation until we receive the ServerHello.

Fixes #4292

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4527)
2017-10-16 15:52:18 +01:00
..
record Don't do version neg on an HRR 2017-10-16 15:52:18 +01:00
statem Don't do version neg on an HRR 2017-10-16 15:52:18 +01:00
bio_ssl.c Since return is inconsistent, I removed unnecessary parentheses and 2017-10-09 13:17:09 +01:00
build.info
d1_lib.c add callback handler for setting DTLS timer interval 2017-09-06 08:30:00 +02:00
d1_msg.c (Re)move some things from e_os.h 2017-08-22 14:15:40 -04:00
d1_srtp.c
methods.c
packet_locl.h
packet.c Move ossl_assert 2017-08-03 10:48:00 +01:00
pqueue.c Update copyright header 2017-07-30 17:42:00 -04:00
s3_cbc.c Move ossl_assert 2017-08-03 10:48:00 +01:00
s3_enc.c Since return is inconsistent, I removed unnecessary parentheses and 2017-10-09 13:17:09 +01:00
s3_lib.c Since return is inconsistent, I removed unnecessary parentheses and 2017-10-09 13:17:09 +01:00
s3_msg.c Since return is inconsistent, I removed unnecessary parentheses and 2017-10-09 13:17:09 +01:00
ssl_asn1.c Send and receive the ticket_nonce field in a NewSessionTicket 2017-07-07 15:02:09 +01:00
ssl_cert_table.h Add RSA-PSS key certificate type. 2017-09-20 12:50:23 +01:00
ssl_cert.c crypto/x509v3/v3_utl.c, ssl/ssl_cert.c: fix Coverity problems. 2017-10-10 20:00:35 +02:00
ssl_ciph.c Add ARIA as an alias for all ARIA based modes. 2017-08-31 08:40:11 +10:00
ssl_conf.c e_os.h removal from other headers and source files. 2017-08-30 07:20:43 +10:00
ssl_err.c Session resume broken switching contexts 2017-10-04 10:21:08 +10:00
ssl_init.c Implement Aria GCM/CCM Modes and TLS cipher suites 2017-08-30 12:33:53 +02:00
ssl_lib.c Since return is inconsistent, I removed unnecessary parentheses and 2017-10-09 13:17:09 +01:00
ssl_locl.h Move supportedgroup ext-block fields out of NO_EC 2017-10-11 08:25:40 -05:00
ssl_mcnf.c
ssl_rsa.c Use certificate tables instead of ssl_cert_type 2017-07-13 12:38:42 +01:00
ssl_sess.c Since return is inconsistent, I removed unnecessary parentheses and 2017-10-09 13:17:09 +01:00
ssl_stat.c Fix errors in SSL_state_string_long 2017-07-31 08:55:37 -04:00
ssl_txt.c Since return is inconsistent, I removed unnecessary parentheses and 2017-10-09 13:17:09 +01:00
ssl_utst.c
t1_enc.c Since return is inconsistent, I removed unnecessary parentheses and 2017-10-09 13:17:09 +01:00
t1_lib.c Merge tls1_check_curve into tls1_check_group_id 2017-10-06 19:09:51 +01:00
t1_trce.c SSL Trace improvements 2017-09-10 23:33:37 -04:00
tls13_enc.c Make sure we use the correct cipher when using the early_secret 2017-08-31 15:02:58 +01:00
tls_srp.c Since return is inconsistent, I removed unnecessary parentheses and 2017-10-09 13:17:09 +01:00