Jamil,
Do you have an idea for a unit test? Are there any test servers that
can do virtual server in our suites? (e.g. return certs based on their
server_name?)
Otherwise, I'd to do a quick double check of a couple things in the
code, but initially it looks ok.
Brad
On 10/12/2018 9:39 PM, Jamil Nimeh wrote:
Hello all,
This addresses an issue where the client hello in a resumed TLS 1.3
session lacks the server_name client hello extension. This can cause
servers who use this extension field to direct traffic to websites to
present other certificate chains for other websites than the one the
client actually desires (and specified in the original client hello
where the extension is present).
JBS: https://bugs.openjdk.java.net/browse/JDK-8211806
Webrev: http://cr.openjdk.java.net/~jnimeh/reviews/8211806/
Happy Friday!
--Jamil
