Do not resume a session if the negotiated protocol version does not match
the session's version (server).
See also BoringSSL's commit bdf5e72f50e25f0e45e825c156168766d8442dde.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 9e189b9dc1
)
This commit is contained in:

committed by
Emilia Kasper

parent
6f71d7da64
commit
03d14f5887
@@ -1047,7 +1047,16 @@ int ssl3_get_client_hello(SSL *s)
|
||||
else
|
||||
{
|
||||
i=ssl_get_prev_session(s, p, j, d + n);
|
||||
if (i == 1)
|
||||
/*
|
||||
* Only resume if the session's version matches the negotiated
|
||||
* version.
|
||||
* RFC 5246 does not provide much useful advice on resumption
|
||||
* with a different protocol version. It doesn't forbid it but
|
||||
* the sanity of such behaviour would be questionable.
|
||||
* In practice, clients do not accept a version mismatch and
|
||||
* will abort the handshake with an error.
|
||||
*/
|
||||
if (i == 1 && s->version == s->session->ssl_version)
|
||||
{ /* previous session */
|
||||
s->hit=1;
|
||||
}
|
||||
|
Reference in New Issue
Block a user