[gnutls-devel] GnuTLS | handshake: defer setting downgrade sentinel until version is selected (!918)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Mon Feb 18 17:47:05 CET 2019
Daiki Ueno commented on a discussion on lib/handshake.c:
>
> _gnutls_handshake_log("HSK[%p]: Selected version %s\n", session, session->security_parameters.pversion->name);
>
> + /* set downgrade sentinel if the server supports TLS 1.3 and
OK, so I ended up with regenerating server random upon handling "supported_versions" extension - that could effectively delay the setting of downgrade sentinel.
Also modified `rnd-check-rollback-val.c` to cover the resumption case.
Thank you for the suggestions.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/918#note_142376123
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190218/50ab2351/attachment-0001.html>
More information about the Gnutls-devel
mailing list