projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cb1c3d1) | patch
Ignore an s_client psk in TLSv1.3 if not TLSv1.3 suitable
authorMatt Caswell <matt@openssl.org>
Tue, 30 Jan 2018 15:41:56 +0000 (15:41 +0000)
committerMatt Caswell <matt@openssl.org>
Wed, 14 Feb 2018 15:42:36 +0000 (15:42 +0000)
commit6e99ae58c8e1b4a41ae376f91affc7992b0738f7
treee64e0773a1fd863e04fc75558c0a1d8da4c346fdtree | snapshot
parentcb1c3d1a2714eb69012b079053f7fbcca1acc544commit | diff
Ignore an s_client psk in TLSv1.3 if not TLSv1.3 suitable

The s_client psk_use_session_cb callback has a comment stating that we
should ignore a key that isn't suitable for TLSv1.3. However we were
actually causing the connection to fail. Changing the return value fixes
the issue.

Also related to this is that the early_data extension was not marked as
TLSv1.3 only which it should be.

Fixes #5202

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/5205)
apps/s_client.c diff | blob | history
ssl/statem/extensions.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.