projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5c4fd8b) | patch
Repair EAP-FAST session resumption
authorEmilia Kasper <emilia@openssl.org>
Tue, 21 Apr 2015 16:12:58 +0000 (18:12 +0200)
committerEmilia Kasper <emilia@openssl.org>
Tue, 21 Apr 2015 17:31:09 +0000 (19:31 +0200)
commit8f0f9ffda301485e665ba075b5422221629579b9
tree25b03489f6c7d2d795a4b7683085c880a29e2d86tree | snapshot
parent5c4fd8b515ef065d19490a3eda558d2326162bf9commit | diff
Repair EAP-FAST session resumption

EAP-FAST session resumption relies on handshake message lookahead
to determine server intentions. Commits
980bc1ec6114f5511b20c2e6ca741e61a39b99d6
and
7b3ba508af5c86afe43e28174aa3c53a0a24f4d9
removed the lookahead so broke session resumption.

This change partially reverts the commits and brings the lookahead back
in reduced capacity for TLS + EAP-FAST only. Since EAP-FAST does not
support regular session tickets, the lookahead now only checks for a
Finished message.

Regular handshakes are unaffected by this change.

Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 6e3d015363ed09c4eff5c02ad41153387ffdf5af)
ssl/s3_clnt.c diff | blob | history
ssl/ssl.h diff | blob | history
ssl/ssl_err.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.