projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a209623) | patch
Repair EAP-FAST session resumption
authorEmilia Kasper <emilia@openssl.org>
Tue, 21 Apr 2015 16:12:58 +0000 (18:12 +0200)
committerEmilia Kasper <emilia@openssl.org>
Tue, 21 Apr 2015 17:37:17 +0000 (19:37 +0200)
commitd695a0225456f790d1fb93e19784f0c5b8397220
tree793166b92c47e7c437a89f4e2f3767f7f64e2ec9tree | snapshot
parenta209623fbb5b5cdaaf3a825442cb1ed86a985df6commit | diff
Repair EAP-FAST session resumption

EAP-FAST session resumption relies on handshake message lookahead
to determine server intentions. Commits
980bc1ec6114f5511b20c2e6ca741e61a39b99d6
and
7b3ba508af5c86afe43e28174aa3c53a0a24f4d9
removed the lookahead so broke session resumption.

This change partially reverts the commits and brings the lookahead back
in reduced capacity for TLS + EAP-FAST only. Since EAP-FAST does not
support regular session tickets, the lookahead now only checks for a
Finished message.

Regular handshakes are unaffected by this change.

Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 6e3d015363ed09c4eff5c02ad41153387ffdf5af)
ssl/s3_clnt.c diff | blob | history
ssl/ssl.h diff | blob | history
ssl/ssl_err.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.