summaryrefslogtreecommitdiffstats
path: root/ssl/ssl_sess.c
diff options
context:
space:
mode:
authorMatt Caswell <matt@openssl.org>2016-11-03 16:05:27 +0100
committerMatt Caswell <matt@openssl.org>2016-11-16 11:09:46 +0100
commitc87386a2cd586368a61d86ede03319f910d050f4 (patch)
treeb6dc981173c7ff9b0f6aaa22309bd4ae442757f7 /ssl/ssl_sess.c
parentAdd processing of the key_share received in the ServerHello (diff)
downloadopenssl-c87386a2cd586368a61d86ede03319f910d050f4.tar.xz
openssl-c87386a2cd586368a61d86ede03319f910d050f4.zip
Add a TLS version consistency check during session resumption
This is a temporary fix for while we are still using the old session resumption logic in the TLSv1.3 code. Due to differences in EXTMS support we can't resume a <=TLSv1.2 session in a TLSv1.3 connection (the EXTMS consistency check causes the connection to abort). This causes test failures. Ultimately we will rewrite the session resumption logic for TLSv1.3 so this problem will go away. But until then we need a quick fix to keep the tests happy. Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to '')
-rw-r--r--ssl/ssl_sess.c17
1 files changed, 17 insertions, 0 deletions
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 825e706561..47dbf85676 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -588,6 +588,23 @@ int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello)
goto err;
}
+ /*
+ * TODO(TLS1.3): This is temporary, because TLSv1.3 resumption is completely
+ * different. For now though we're still using the old resumption logic, so
+ * to avoid test failures we need this. Remove this code!
+ *
+ * Check TLS version consistency. We can't resume <=TLSv1.2 session if we
+ * have negotiated TLSv1.3, and vice versa.
+ */
+ if (!SSL_IS_DTLS(s)
+ && ((ret->ssl_version <= TLS1_2_VERSION
+ && s->version >=TLS1_3_VERSION)
+ || (ret->ssl_version >= TLS1_3_VERSION
+ && s->version <= TLS1_2_VERSION))) {
+ /* Continue but do not resume */
+ goto err;
+ }
+
/* Check extended master secret extension consistency */
if (ret->flags & SSL_SESS_FLAG_EXTMS) {
/* If old session includes extms, but new does not: abort handshake */