diff options
author | Matt Caswell <matt@openssl.org> | 2019-01-27 11:00:16 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2019-02-14 16:25:44 +0000 |
commit | 37857e9b5258da148e5d3699b6acdf8787417eb2 (patch) | |
tree | f3c684ceebcf9d58150ee7007abbda12e72756e7 /doc | |
parent | 1c31fe7eb093a8f07d32e910a46616209883cf84 (diff) |
Don't signal SSL_CB_HANDSHAKE_START for TLSv1.3 post-handshake messages
The original 1.1.1 design was to use SSL_CB_HANDSHAKE_START and
SSL_CB_HANDSHAKE_DONE to signal start/end of a post-handshake message
exchange in TLSv1.3. Unfortunately experience has shown that this confuses
some applications who mistake it for a TLSv1.2 renegotiation. This means
that KeyUpdate messages are not handled properly.
This commit removes the use of SSL_CB_HANDSHAKE_START and
SSL_CB_HANDSHAKE_DONE to signal the start/end of a post-handshake
message exchange. Individual post-handshake messages are still signalled in
the normal way.
This is a potentially breaking change if there are any applications already
written that expect to see these TLSv1.3 events. However, without it,
KeyUpdate is not currently usable for many applications.
Fixes #8069
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8096)
(cherry picked from commit 4af5836b55442f31795eff6c8c81ea7a1b8cf94b)
Diffstat (limited to 'doc')
-rw-r--r-- | doc/man3/SSL_CTX_set_info_callback.pod | 14 |
1 files changed, 5 insertions, 9 deletions
diff --git a/doc/man3/SSL_CTX_set_info_callback.pod b/doc/man3/SSL_CTX_set_info_callback.pod index f01ca66fce..2dc82cad0c 100644 --- a/doc/man3/SSL_CTX_set_info_callback.pod +++ b/doc/man3/SSL_CTX_set_info_callback.pod @@ -92,17 +92,13 @@ Callback has been called due to an alert being sent or received. =item SSL_CB_HANDSHAKE_START -Callback has been called because a new handshake is started. In TLSv1.3 this is -also used for the start of post-handshake message exchanges such as for the -exchange of session tickets, or for key updates. It also occurs when resuming a -handshake following a pause to handle early data. +Callback has been called because a new handshake is started. It also occurs when +resuming a handshake following a pause to handle early data. -=item SSL_CB_HANDSHAKE_DONE 0x20 +=item SSL_CB_HANDSHAKE_DONE -Callback has been called because a handshake is finished. In TLSv1.3 this is -also used at the end of an exchange of post-handshake messages such as for -session tickets or key updates. It also occurs if the handshake is paused to -allow the exchange of early data. +Callback has been called because a handshake is finished. It also occurs if the +handshake is paused to allow the exchange of early data. =back |