Initial parsing of the NewSessionTicket message - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tb <>	2022-10-20 15:26:25 +0000
committer	tb <>	2022-10-20 15:26:25 +0000
commit	bcc6795d7c9d440c0bfb13e305709deacb2110ce (patch)
tree	f724dfe9f8a9633dfc51e7454baf1d4613e94baf /src/lib/libcrypto/evp/c_all.c
parent	7eb2eff3bb0dfb8fb87e37ef0ca182f8109d908f (diff)
download	openbsd-bcc6795d7c9d440c0bfb13e305709deacb2110ce.tar.gz openbsd-bcc6795d7c9d440c0bfb13e305709deacb2110ce.tar.bz2 openbsd-bcc6795d7c9d440c0bfb13e305709deacb2110ce.zip

Initial parsing of the NewSessionTicket message

TLSv1.3 introduces a New Session Ticket post-handshake handshake message that allows a unique association between a ticket value and a pre-shared key derived from the resumption master secret. Servers may send this message arbitrarily often at any time after receiving the client's Finished message. Implement tls13_new_session_ticket_recv() which parses the contents of the NewSessionTicket message into a fresh session derived from the current session so as to avoid modifying sessions that are already in the session cache. This uses tls13_new_session_ticket_recv() in tls13_phh_received_cb(). We currently rely on the general rate limiting of 100 PHH messages per connection and hour to avoid problems from connecting to a misbehaving or malicious server. ok jsing

Diffstat (limited to 'src/lib/libcrypto/evp/c_all.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: