projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b510b74) | patch
Allow a client to send early_data with SNI if the session has no SNI
authorMatt Caswell <matt@openssl.org>
Tue, 14 Nov 2017 13:55:21 +0000 (13:55 +0000)
committerMatt Caswell <matt@openssl.org>
Tue, 21 Nov 2017 17:46:22 +0000 (17:46 +0000)
commitbfab12bb7dbd32cb13a8d518f312857ebd045541
tree2880cf8691dac3ba3d839be90e93e933fd6d27c0tree | snapshot
parentb510b740fb4e3cb35e6f297c232c0e776dbcbc71commit | diff
Allow a client to send early_data with SNI if the session has no SNI

We can only send early_data if the SNI is consistent. However it is valid
for the client to set SNI and the server to not use it. This would still be
counted as consistent. OpenSSL client was being overzealous in this check
and disallowing this scenario.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4738)
ssl/statem/extensions_clnt.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.