Skip to content
  • Emilia Kasper's avatar
    Refactor ClientHello extension parsing · 06217867
    Emilia Kasper authored
    
    
    1) Simplify code with better PACKET methods.
    
    2) Make broken SNI parsing explicit. SNI was intended to be extensible
    to new name types but RFC 4366 defined the syntax inextensibly, and
    OpenSSL has never parsed SNI in a way that would allow adding a new name
    type. RFC 6066 fixed the definition but due to broken implementations
    being widespread, it appears impossible to ever extend SNI.
    
    3) Annotate resumption behaviour. OpenSSL doesn't currently handle all
    extensions correctly upon resumption. Annotate for further clean-up.
    
    4) Send an alert on ALPN protocol mismatch.
    
    Reviewed-by: default avatarKurt Roeckx <kurt@openssl.org>
    06217867
To find the state of this project's repository at the time of any of these versions, check out the tags.