Initial parsing of the NewSessionTicket message - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tb <>	2022-10-20 15:26:25 +0000
committer	tb <>	2022-10-20 15:26:25 +0000
commit	a8ea0315a91ac4805740889d8f6de75535578297 (patch)
tree	f724dfe9f8a9633dfc51e7454baf1d4613e94baf /src/lib/libc/stdlib/lrand48.c
parent	6b9a69b566bfb5818fb2b5c49b739ecf2b633c14 (diff)
download	openbsd-a8ea0315a91ac4805740889d8f6de75535578297.tar.gz openbsd-a8ea0315a91ac4805740889d8f6de75535578297.tar.bz2 openbsd-a8ea0315a91ac4805740889d8f6de75535578297.zip

Initial parsing of the NewSessionTicket message

TLSv1.3 introduces a New Session Ticket post-handshake handshake message that allows a unique association between a ticket value and a pre-shared key derived from the resumption master secret. Servers may send this message arbitrarily often at any time after receiving the client's Finished message. Implement tls13_new_session_ticket_recv() which parses the contents of the NewSessionTicket message into a fresh session derived from the current session so as to avoid modifying sessions that are already in the session cache. This uses tls13_new_session_ticket_recv() in tls13_phh_received_cb(). We currently rely on the general rate limiting of 100 PHH messages per connection and hour to avoid problems from connecting to a misbehaving or malicious server. ok jsing

Diffstat (limited to 'src/lib/libc/stdlib/lrand48.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: