From 3d0b604c1450e0c8995d0691f91a43ee6403e539 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Fri, 30 Oct 2009 13:22:44 +0000
Subject: Fix statless session resumption so it can coexist with SNI

---
 CHANGES | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'CHANGES')

diff --git a/CHANGES b/CHANGES
index 58695d5d7b..e56fd1b396 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,15 @@
 
  Changes between 0.9.8k and 1.0  [xx XXX xxxx]
 
+  *) Fixes to stateless session resumption handling. Use initial_ctx when
+     issuing and attempting to decrypt tickets in case it has changed during
+     servername handling. Use a non-zero length session ID when attempting
+     stateless session resumption: this makes it possible to determine if
+     a resumption has occurred immediately after receiving server hello 
+     (several places in OpenSSL subtly assume this) instead of later in
+     the handshake.
+     [Steve Henson]
+
   *) Update OCSP request code to permit adding custom headers to the request:
      some responders need this.
      [Steve Henson]
-- 
cgit v1.2.3