Always require an advertised NewSessionTicket message. (de2c7504) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Commit de2c7504 authored Nov 19, 2014 by

Emilia Kasper

Always require an advertised NewSessionTicket message.



The server must send a NewSessionTicket message if it advertised one
in the ServerHello, so make a missing ticket message an alert
in the client.

An equivalent change was independently made in BoringSSL, see commit
6444287806d801b9a45baf1f6f02a0e3a16e144c.

Reviewed-by: Matt Caswell <matt@openssl.org>

parent 980bc1ec

Hide whitespace changes

Inline Side-by-side

Please register or to comment