Do not resume a session if the negotiated protocol version does not match

the session's version (server). See also BoringSSL's commit bdf5e72f50e25f0e45e825c156168766d8442dde. Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 9e189b9dc10786c755919e6792e923c584c918a1)
author: David Benjamin <davidben@chromium.org> 2014-11-20 16:22:40 +0100
committer: Emilia Kasper <emilia@openssl.org> 2014-11-20 16:31:42 +0100
commit: 7fc5f4f11782494d620a752ecfb0cb8867e80860 (patch)
tree: b87e1326c83fe2c62de94d2340d0cdb7a42f771f /CHANGES
parent: 249a3e362fe406f8bc05cd3e69955a34a080b2b9 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 204262c022..c3bb94052d 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,12 @@
 
  Changes between 1.0.1j and 1.0.1k [xx XXX xxxx]
 
+   *) Do not resume sessions on the server if the negotiated protocol
+      version does not match the session's version. Resuming with a different
+      version, while not strictly forbidden by the RFC, is of questionable
+      sanity and breaks all known clients.
+      [David Benjamin, Emilia Käsper]
+
    *) Tighten handling of the ChangeCipherSpec (CCS) message: reject
       early CCS messages during renegotiation. (Note that because
       renegotiation is encrypted, this early CCS was not exploitable.)
author	David Benjamin <davidben@chromium.org>	2014-11-20 16:22:40 +0100
committer	Emilia Kasper <emilia@openssl.org>	2014-11-20 16:31:42 +0100
commit	7fc5f4f11782494d620a752ecfb0cb8867e80860 (patch)
tree	b87e1326c83fe2c62de94d2340d0cdb7a42f771f /CHANGES
parent	249a3e362fe406f8bc05cd3e69955a34a080b2b9 (diff)