Send dummy ChangeCipherSpec messages from the TLSv1.3 server - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tb <>	2020-05-10 17:13:30 +0000
committer	tb <>	2020-05-10 17:13:30 +0000
commit	b8698e11d9883dab7da69566fc2cd28afaf199a8 (patch)
tree	9b324a09d611e1d490ffe26c5e54d2031501ff81 /src/usr.bin/openssl/ecparam.c
parent	d8a73cb59ee68723f87063e50ae6037929f06a83 (diff)
download	openbsd-b8698e11d9883dab7da69566fc2cd28afaf199a8.tar.gz openbsd-b8698e11d9883dab7da69566fc2cd28afaf199a8.tar.bz2 openbsd-b8698e11d9883dab7da69566fc2cd28afaf199a8.zip

Send dummy ChangeCipherSpec messages from the TLSv1.3 server

If the client has requested middle box compatibility mode by sending a non-empty legacy_session_id, the server must send a dummy CCS right after its first handshake message. This means right after ServerHello or HelloRetryRequest. Two important improvements over the backed-out diffr: make sure that First: client and server can send their dummy CCS at the correct moment (right before the next flight or right after the current flight). Second: as jsing noted, we also need to deal with the corner case that tls13_send_dummy_ccs() can return TLS13_IO_WANT_POLLOUT. with/ok jsing

Diffstat (limited to 'src/usr.bin/openssl/ecparam.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: