summaryrefslogtreecommitdiff
path: root/src/lib/libtls/man/tls_ocsp_process_response.3
diff options
context:
space:
mode:
authorjsing <>2018-11-21 15:13:29 +0000
committerjsing <>2018-11-21 15:13:29 +0000
commite8890ed3b276eb268ca4797509a7faf50534f77d (patch)
tree7992535c747d2aff7dd9a131f8fc65ad2af3636d /src/lib/libtls/man/tls_ocsp_process_response.3
parent832db10c7eec76c2d877de16144d9855ad294293 (diff)
downloadopenbsd-e8890ed3b276eb268ca4797509a7faf50534f77d.tar.gz
openbsd-e8890ed3b276eb268ca4797509a7faf50534f77d.tar.bz2
openbsd-e8890ed3b276eb268ca4797509a7faf50534f77d.zip
Fix DTLS transcript handling for HelloVerifyRequest.
If DTLS sees a HelloVerifyRequest the transcript is reset - the previous tls1_init_finished_mac() function could be called multiple times and would discard any existing state. The replacement tls1_transcript_init() is more strict and fails if a transcript already exists. Provide an explicit tls1_transcript_reset() function and call it from the appropriate places. This also lets us make DTLS less of a special snowflake and call tls1_transcript_init() in the same place as used for TLS. ok beck@ tb@
Diffstat (limited to 'src/lib/libtls/man/tls_ocsp_process_response.3')
0 files changed, 0 insertions, 0 deletions