[gnutls-devel] GnuTLS | handshake: defer setting downgrade sentinel until version is selected (!918)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Tue Feb 12 21:26:47 CET 2019
Nikos Mavrogiannopoulos started a new discussion on lib/handshake.c:
> _gnutls_handshake_log("HSK[%p]: Selected version %s\n", session, session->security_parameters.pversion->name);
> + /* set downgrade sentinel if the server supports TLS 1.3 and
This will not set the special value if the server resumes a TLS1.2 session with session IDs. I'm not sure that's necessarily bad as the RFC doesn't say anything about resumption.
Another side-effect is `_gnutls_user_hello_func` can be simplified, and does no longer need to call `_gnutls_gen_server_random` if I read it correctly.
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/918#note_140686177
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnutls-devel