src/crypto · 3474610fbc81f7e9f3f2cb23dc1554b3f5cec657 · go / golang

crypto/tls: Never resume sessions across different versions. · ebbe4f8d

David Benjamin authored Feb 15, 2016

Instead, decline the session and do a full handshake. The semantics of
cross-version resume are unclear, and all major client implementations
treat this as a fatal error. (This doesn't come up very much, mostly if
the client does the browser version fallback without sharding the
session cache.)

See BoringSSL's bdf5e72f50e25f0e45e825c156168766d8442dde and OpenSSL's
9e189b9dc10786c755919e6792e923c584c918a1.

Change-Id: I51ca95ac1691870dd0c148fd967739e2d4f58824
Reviewed-on: https://go-review.googlesource.com/21152Reviewed-by: Adam Langley <agl@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>

ebbe4f8d

Name	Last commit	Last update
..
aes		Loading commit data...
cipher		Loading commit data...
des		Loading commit data...
dsa		Loading commit data...
ecdsa		Loading commit data...
elliptic		Loading commit data...
hmac		Loading commit data...
md5		Loading commit data...
rand		Loading commit data...
rc4		Loading commit data...
rsa		Loading commit data...
sha1		Loading commit data...
sha256		Loading commit data...
sha512		Loading commit data...
subtle		Loading commit data...
tls		Loading commit data...
x509		Loading commit data...
crypto.go		Loading commit data...