[gnutls-devel] GnuTLS | handshake: defer setting downgrade sentinel until version is selected (!918)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Mon Feb 18 17:47:05 CET 2019
Daiki Ueno commented on a discussion on lib/handshake.c:
> _gnutls_handshake_log("HSK[%p]: Selected version %s\n", session, session->security_parameters.pversion->name);
> + /* set downgrade sentinel if the server supports TLS 1.3 and
OK, so I ended up with regenerating server random upon handling "supported_versions" extension - that could effectively delay the setting of downgrade sentinel.
Also modified `rnd-check-rollback-val.c` to cover the resumption case.
Thank you for the suggestions.
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/918#note_142376123
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnutls-devel