From: Matt Caswell Date: Fri, 27 Jan 2017 15:23:25 +0000 (+0000) Subject: Expand comment in tls_process_hello_req() X-Git-Tag: OpenSSL_1_1_1-pre1~2537 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=1f04f23ef42564c5e9c186ec290a7a17bcf56b0f;p=oweals%2Fopenssl.git Expand comment in tls_process_hello_req() Following review feedback. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2259) --- diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index cfc1047267..9ce4ff6ce5 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -3226,10 +3226,11 @@ MSG_PROCESS_RETURN tls_process_hello_req(SSL *s, PACKET *pkt) } /* - * This is a historical discrepancy maintained for compatibility - * reasons. If a TLS client receives a HelloRequest it will attempt - * an abbreviated handshake. However if a DTLS client receives a - * HelloRequest it will do a full handshake. + * This is a historical discrepancy (not in the RFC) maintained for + * compatibility reasons. If a TLS client receives a HelloRequest it will + * attempt an abbreviated handshake. However if a DTLS client receives a + * HelloRequest it will do a full handshake. Either behaviour is reasonable + * but doing one for TLS and another for DTLS is odd. */ if (SSL_IS_DTLS(s)) SSL_renegotiate(s);