CVSROOT: /cvs
Module name: src
Changes by: js...@cvs.openbsd.org 2020/04/08 10:23:58
Modified files:
lib/libssl : tls13_client.c
Log message:
Ensure legacy session ID is persistent during client TLS session.
Generate an unpredictable 32-byte legacy session ID during client
initialisation, rather than when the ClientHello message is being created.
Otherwise in the case of a HelloRetryRequest the legacy session ID values
will differ between the first and second ClientHello messages, which is
not permitted by the RFC.
Fixes an issue talking TLSv1.3 to smtp.mail.yahoo.com.
ok beck@
