Ensure legacy session ID is persistent during client TLS session. - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2020-04-08 16:23:58 +0000
committer	jsing <>	2020-04-08 16:23:58 +0000
commit	62a1f3a5f30834cae9924b9bf74062621b5eea7a (patch)
tree	33a2c465b12594e979cf53e457b5cab27ab15e20 /src/lib/libc/string/strncpy.c
parent	b4dba776b53e94077ded196b61300b5bb1c44269 (diff)
download	openbsd-62a1f3a5f30834cae9924b9bf74062621b5eea7a.tar.gz openbsd-62a1f3a5f30834cae9924b9bf74062621b5eea7a.tar.bz2 openbsd-62a1f3a5f30834cae9924b9bf74062621b5eea7a.zip

Ensure legacy session ID is persistent during client TLS session.

Generate an unpredictable 32-byte legacy session ID during client initialisation, rather than when the ClientHello message is being created. Otherwise in the case of a HelloRetryRequest the legacy session ID values will differ between the first and second ClientHello messages, which is not permitted by the RFC. Fixes an issue talking TLSv1.3 to smtp.mail.yahoo.com. ok beck@

Diffstat (limited to 'src/lib/libc/string/strncpy.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: