Implement session id TLSv1.3 middlebox compatibility mode

Clients will send a "fake" session id and servers must echo it back. Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4701)
author: Matt Caswell <matt@openssl.org> 2017-11-07 10:45:43 +0000
committer: Matt Caswell <matt@openssl.org> 2017-12-14 15:06:37 +0000
commit: a5816a5ab99610201dcec57a0e02b883d9d32891 (patch)
tree: dbcdbc8473d14ad1204c345725e6193d299b22d3 /test/clienthellotest.c
parent: 88050dd1960bfaba7ede12a3ce1afe40f5deb124 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/test/clienthellotest.c b/test/clienthellotest.c
index 8ba65ce4fb..88e0a1c66a 100644
--- a/test/clienthellotest.c
+++ b/test/clienthellotest.c
@@ -90,6 +90,8 @@ static int test_client_hello(int currtest)
     case TEST_ADD_PADDING:
     case TEST_PADDING_NOT_NEEDED:
         SSL_CTX_set_options(ctx, SSL_OP_TLSEXT_PADDING);
+        /* Make sure we get a consistent size across TLS versions */
+        SSL_CTX_clear_options(ctx, SSL_OP_ENABLE_MIDDLEBOX_COMPAT);
         /*
          * Add some dummy ALPN protocols so that the ClientHello is at least
          * F5_WORKAROUND_MIN_MSG_LEN bytes long - meaning padding will be
author	Matt Caswell <matt@openssl.org>	2017-11-07 10:45:43 +0000
committer	Matt Caswell <matt@openssl.org>	2017-12-14 15:06:37 +0000
commit	a5816a5ab99610201dcec57a0e02b883d9d32891 (patch)
tree	dbcdbc8473d14ad1204c345725e6193d299b22d3 /test/clienthellotest.c
parent	88050dd1960bfaba7ede12a3ce1afe40f5deb124 (diff)