Commit c87386a2 authored by Matt Caswell

Add a TLS version consistency check during session resumption

This is a temporary fix for while we are still using the old session
resumption logic in the TLSv1.3 code. Due to differences in EXTMS support
we can't resume a <=TLSv1.2 session in a TLSv1.3 connection (the EXTMS
consistency check causes the connection to abort). This causes test
failures.

Ultimately we will rewrite the session resumption logic for TLSv1.3 so this
problem will go away. But until then we need a quick fix to keep the tests
happy.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Parent d7c42d71
......@@ -588,6 +588,23 @@ int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello)
goto err;
}
/*
* TODO(TLS1.3): This is temporary, because TLSv1.3 resumption is completely
* different. For now though we're still using the old resumption logic, so
* to avoid test failures we need this. Remove this code!
*
* Check TLS version consistency. We can't resume <=TLSv1.2 session if we
* have negotiated TLSv1.3, and vice versa.
*/
if (!SSL_IS_DTLS(s)
&& ((ret->ssl_version <= TLS1_2_VERSION
&& s->version >=TLS1_3_VERSION)
|| (ret->ssl_version >= TLS1_3_VERSION
&& s->version <= TLS1_2_VERSION))) {
/* Continue but do not resume */
goto err;
}
/* Check extended master secret extension consistency */
if (ret->flags & SSL_SESS_FLAG_EXTMS) {
/* If old session includes extms, but new does not: abort handshake */
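Review bot: the new version check relies on `s->version` already holding the negotiated protocol version when `ssl_get_prev_session()` runs during ClientHello processing; the comment says "if we have negotiated TLSv1.3" but nothing in the hunk states that ordering, so it is worth a one-line comment (or an assertion) that version negotiation has completed before this point, otherwise a pre-negotiation placeholder value would silently make every resumption fall into the "do not resume" branch. The two-sided condition can also be written more readably as a single "same side of the TLSv1.3 boundary" comparison, e.g. `if (!SSL_IS_DTLS(s) && (ret->ssl_version >= TLS1_3_VERSION) != (s->version >= TLS1_3_VERSION))`, which makes the "vice versa" in the comment unnecessary. Minor style: `s->version >=TLS1_3_VERSION` is missing the space after `>=` that the surrounding comparisons use. Since the block is explicitly temporary, the TODO(TLS1.3) marker is good; it would help to also note that the `goto err` path here must keep the "continue but do not resume" behaviour and not be turned into a handshake abort, given that the EXTMS check immediately below is the one that does abort.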