wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/ssl
History
Benjamin Kaduk c4fa1f7fc0 Fix regression with session cache use by clients 
Commit d316cdcf6d introduced some extra
checks into the session-cache update procedure, intended to prevent
the caching of sessions whose resumption would lead to a handshake
failure, since if the server is authenticating the client, there needs to
be an application-set "session id context" to match up to the authentication
context.  While that change is effective for its stated purpose, there
was also some collatoral damage introduced along with the fix -- clients
that set SSL_VERIFY_PEER are not expected to set an sid_ctx, and so
their usage of session caching was erroneously denied.

Fix the scope of the original commit by limiting it to only acting
when the SSL is a server SSL.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5967)
2018-05-01 11:19:20 -05:00
..
record Update copyright year 2018-05-01 13:34:30 +01:00
statem In a reneg use the same client_version we used last time 2018-04-24 09:54:31 +01:00
bio_ssl.c Add comments to NULL func ptrs in bio_method_st 2017-12-18 07:04:48 +10:00
build.info Move ssl/t1_ext.c to ssl/statem/extensions_cust.c 2017-04-07 13:41:04 +01:00
d1_lib.c More record layer conversions to use SSLfatal() 2017-12-08 16:42:02 +00:00
d1_msg.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
d1_srtp.c Move client parsing of ServerHello extensions into new framework 2016-12-08 17:18:25 +00:00
methods.c Drop support for OPENSSL_NO_TLS1_3_METHOD 2017-06-30 09:41:46 +01:00
packet.c Update copyright year 2018-04-17 15:18:40 +02:00
packet_locl.h TLS1.3 Padding 2017-05-02 09:44:43 +01:00
pqueue.c Update copyright year 2018-04-17 15:18:40 +02:00
s3_cbc.c Move ossl_assert 2017-08-03 10:48:00 +01:00
s3_enc.c Update copyright year 2018-03-20 13:08:46 +00:00
s3_lib.c Fix typo in the definition of tls13_ciphers 2018-04-26 16:35:12 +01:00
s3_msg.c Update copyright year 2018-02-13 13:59:25 +00:00
ssl_asn1.c Update copyright year 2018-03-20 13:08:46 +00:00
ssl_cert.c Allow NULL for some _free routines. 2018-03-27 16:25:08 -04:00
ssl_cert_table.h Update copyright year 2018-03-20 13:08:46 +00:00
ssl_ciph.c Fix configuration of TLSv1.3 ciphersuites 2018-04-04 16:17:26 +01:00
ssl_conf.c Improve backwards compat with 1.0.2 for ECDHParameters 2018-04-24 09:09:43 +01:00
ssl_err.c Fix last(?) batch of malloc-NULL places 2018-04-26 14:02:24 -04:00
ssl_init.c Add a config option to disable automatic config loading 2018-04-17 16:33:15 +02:00
ssl_lib.c Fix regression with session cache use by clients 2018-05-01 11:19:20 -05:00
ssl_locl.h Add support for logging early exporter secret 2018-04-18 08:15:00 +01:00
ssl_mcnf.c Move the loading of the ssl_conf module to libcrypto 2018-04-05 15:30:12 +01:00
ssl_rsa.c Update copyright year 2018-03-20 13:08:46 +00:00
ssl_sess.c Allow NULL for some _free routines. 2018-03-27 16:25:08 -04:00
ssl_stat.c Merge HRR into ServerHello 2017-12-14 15:06:37 +00:00
ssl_txt.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
ssl_utst.c Remove heartbeat support 2016-11-13 16:24:02 -05:00
t1_enc.c GOST MAC algorithms don't support EVP_PKEY_new_raw_private_key() 2018-03-30 19:28:33 +01:00
t1_lib.c Fix the MAX_CURVELIST definition 2018-04-25 10:20:43 +01:00
t1_trce.c Fix mixed indentation (and other whitespace issues) 2018-04-26 21:34:46 +02:00
tls13_enc.c Add support for logging early exporter secret 2018-04-18 08:15:00 +01:00
tls_srp.c Use the private RNG for data that is not public 2018-04-02 22:22:43 +02:00