• David Benjamin's avatar
    crypto/tls: Enforce that version and cipher match on resume. · 73a0185a
    David Benjamin authored
    Per RFC 5246, 7.4.1.3:
    
       cipher_suite
          The single cipher suite selected by the server from the list in
          ClientHello.cipher_suites.  For resumed sessions, this field is
          the value from the state of the session being resumed.
    
    The specifications are not very clearly written about resuming sessions
    at the wrong version (i.e. is the TLS 1.0 notion of "session" the same
    type as the TLS 1.1 notion of "session"?). But every other
    implementation enforces this check and not doing so has some odd
    semantics.
    
    Change-Id: I6234708bd02b636c25139d83b0d35381167e5cad
    Reviewed-on: https://go-review.googlesource.com/21153Reviewed-by: 's avatarAdam Langley <agl@golang.org>
    73a0185a
Name
Last commit
Last update
.github Loading commit data...
api Loading commit data...
doc Loading commit data...
lib/time Loading commit data...
misc Loading commit data...
src Loading commit data...
test Loading commit data...
.gitattributes Loading commit data...
.gitignore Loading commit data...
AUTHORS Loading commit data...
CONTRIBUTING.md Loading commit data...
CONTRIBUTORS Loading commit data...
LICENSE Loading commit data...
PATENTS Loading commit data...
README.md Loading commit data...
favicon.ico Loading commit data...
robots.txt Loading commit data...