diff options
author | David Benjamin <davidben@chromium.org> | 2014-11-20 16:22:40 +0100 |
---|---|---|
committer | Emilia Kasper <emilia@openssl.org> | 2014-11-20 16:31:42 +0100 |
commit | 7fc5f4f11782494d620a752ecfb0cb8867e80860 (patch) | |
tree | b87e1326c83fe2c62de94d2340d0cdb7a42f771f /CHANGES | |
parent | 249a3e362fe406f8bc05cd3e69955a34a080b2b9 (diff) |
Do not resume a session if the negotiated protocol version does not match
the session's version (server).
See also BoringSSL's commit bdf5e72f50e25f0e45e825c156168766d8442dde.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 9e189b9dc10786c755919e6792e923c584c918a1)
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 6 |
1 files changed, 6 insertions, 0 deletions
@@ -4,6 +4,12 @@ Changes between 1.0.1j and 1.0.1k [xx XXX xxxx] + *) Do not resume sessions on the server if the negotiated protocol + version does not match the session's version. Resuming with a different + version, while not strictly forbidden by the RFC, is of questionable + sanity and breaks all known clients. + [David Benjamin, Emilia Käsper] + *) Tighten handling of the ChangeCipherSpec (CCS) message: reject early CCS messages during renegotiation. (Note that because renegotiation is encrypted, this early CCS was not exploitable.) |