diff options
author | Wil Tan <[email protected]> | 2010-01-07 03:18:45 +1100 |
---|---|---|
committer | Dan Gudmundsson <[email protected]> | 2010-01-12 13:45:25 +0100 |
commit | c9c70aa3cc4e2087cf0da4c4ba36f3dd4e4e4627 (patch) | |
tree | d5e416ba55189b471eb0adacb8e477a5efd90600 /lib/ssl/doc | |
parent | bce8acaa10f2265e5454c29097e33680076c7ccb (diff) | |
download | otp-c9c70aa3cc4e2087cf0da4c4ba36f3dd4e4e4627.tar.gz otp-c9c70aa3cc4e2087cf0da4c4ba36f3dd4e4e4627.tar.bz2 otp-c9c70aa3cc4e2087cf0da4c4ba36f3dd4e4e4627.zip |
new_ssl fix session reuse
When an SSL client presents a previous session ID, the server should
either honour the request to reuse the parameters previously negotiated
for the given session ID, or ignore the request and generate a new
session ID.
In this situation, new_ssl tries to complete the handshake by sending
the client a "Finished" handshake message, which violates the SSL/TLS
specs. It should instead send a ChangeCipherSpec message before sending
the FInished message. This patch fixes it.
Diffstat (limited to 'lib/ssl/doc')
0 files changed, 0 insertions, 0 deletions