| field | value | date |
|---|---|---|
| author | David Benjamin <davidben@chromium.org> | 2014-11-20 16:22:40 +0100 |
| committer | Emilia Kasper <emilia@openssl.org> | 2014-11-20 16:31:35 +0100 |
| commit | 03d14f58873470407de6120218b7e69fefd8b58f (patch) | |
| tree | d21de8bf2dc9bb6896947240bd92c26ca542bde8 /ssl/s3_srvr.c | |
| parent | 6f71d7da640b5cd5238b6816e0819eec460bee69 (diff) | |
Do not resume a session if the negotiated protocol version does not match
the session's version (server).
See also BoringSSL's commit bdf5e72f50e25f0e45e825c156168766d8442dde.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 9e189b9dc10786c755919e6792e923c584c918a1)
Diffstat (limited to 'ssl/s3_srvr.c')
-rw-r--r-- | ssl/s3_srvr.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 6f82d3ceb4..3bf6cfec52 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -1047,7 +1047,16 @@ int ssl3_get_client_hello(SSL *s) else { i=ssl_get_prev_session(s, p, j, d + n); - if (i == 1) + /* + * Only resume if the session's version matches the negotiated + * version. + * RFC 5246 does not provide much useful advice on resumption + * with a different protocol version. It doesn't forbid it but + * the sanity of such behaviour would be questionable. + * In practice, clients do not accept a version mismatch and + * will abort the handshake with an error. + */ + if (i == 1 && s->version == s->session->ssl_version) { /* previous session */ s->hit=1; } |
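Review bot: the new block comment explains why a session with a different version must not be resumed, but not what the server does instead; since the hunk only leaves `s->hit` unset when `s->version != s->session->ssl_version`, add one sentence stating that a version mismatch is treated like a cache miss and the handshake continues as a full (non-resumed) handshake, because the branch that handles that case is outside this hunk and a reader cannot see it here. The commit message scopes the fix to the server; it would help to name the corresponding client-side change (or state that it is a separate commit) so reviewers can confirm both sides reject a cross-version resumption consistently.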