git.openssl.org Git - openssl.git/commit

author	Matt Caswell <matt@openssl.org>
	Fri, 13 Oct 2017 10:41:50 +0000 (11:41 +0100)
committer	Matt Caswell <matt@openssl.org>
	Mon, 16 Oct 2017 14:52:18 +0000 (15:52 +0100)
commit	a2b97bdf3dbbd255ee24aa8a74cf88d4f7034898
tree	0f9d0b6480413aceaa00c2789da69d137684fd33	tree \| snapshot
parent	aeb3e4abb6abab64342df44b2a7dc407f6508a11	commit \| diff

Don't do version neg on an HRR

Previously if a client received an HRR then we would do version negotiation
immediately - because we know we are going to get TLSv1.3. However this
causes a problem when we emit the 2nd ClientHello because we start changing
a whole load of stuff to ommit things that aren't relevant for < TLSv1.3.
The spec requires that the 2nd ClientHello is the same except for changes
required from the HRR. Therefore the simplest thing to do is to defer the
version negotiation until we receive the ServerHello.

Fixes #4292

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4527)

ssl/record/ssl3_record.c		diff \| blob \| history
ssl/statem/extensions.c		diff \| blob \| history
ssl/statem/statem_clnt.c		diff \| blob \| history
test/recipes/70-test_tls13kexmodes.t		diff \| blob \| history
test/recipes/70-test_tls13messages.t		diff \| blob \| history