diff options
author | David Benjamin <davidben@chromium.org> | 2014-11-20 16:22:40 +0100 |
---|---|---|
committer | Emilia Kasper <emilia@openssl.org> | 2014-11-20 16:29:04 +0100 |
commit | 9e189b9dc10786c755919e6792e923c584c918a1 (patch) | |
tree | 0a216d4f54a6dd70b97e1e80edf5e98d78974641 /CHANGES | |
parent | 8d02bebddf4b69f7f260adfed4be4f498dcbd16c (diff) |
Do not resume a session if the negotiated protocol version does not match
the session's version (server).
See also BoringSSL's commit bdf5e72f50e25f0e45e825c156168766d8442dde.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 6 |
1 files changed, 6 insertions, 0 deletions
@@ -627,6 +627,12 @@ Changes between 1.0.1j and 1.0.1k [xx XXX xxxx] + *) Do not resume sessions on the server if the negotiated protocol + version does not match the session's version. Resuming with a different + version, while not strictly forbidden by the RFC, is of questionable + sanity and breaks all known clients. + [David Benjamin, Emilia Käsper] + *) Tighten handling of the ChangeCipherSpec (CCS) message: reject early CCS messages during renegotiation. (Note that because renegotiation is encrypted, this early CCS was not exploitable.) |