projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a812f8f) | patch
Improve RFC 8446 PSK key exchange mode compliance
authorBenjamin Kaduk <bkaduk@akamai.com>
Tue, 30 Mar 2021 06:03:49 +0000 (23:03 -0700)
committerBenjamin Kaduk <bkaduk@akamai.com>
Fri, 14 May 2021 18:40:21 +0000 (11:40 -0700)
commit1ab7b9991ba00a1423ec6c5898a70e11d1337cfb
treed19163881ff7c4a75fe0be6d519537fcb4742162tree | snapshot
parenta812f8fc8f3c9ba30e5ecd2c168cca0613f15dcdcommit | diff
Improve RFC 8446 PSK key exchange mode compliance

It's a MUST-level requirement that if the client sends a pre_shared_key
extension not accompanied by a psk_key_exchange_modes extension, the
server must abort the handshake.  Prior to this commit the server
would continue on.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(cherry picked from commit efe0f315354b020213097885c79ce856a2f5ac68)

(Merged from https://github.com/openssl/openssl/pull/15255)
ssl/statem/extensions.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.