src/crypto/tls · adff422779709c83db91700fdcc0a0bd5dee6a21 · go / golang

crypto/tls: Never resume sessions across different versions. · ebbe4f8d

David Benjamin authored Feb 15, 2016

Instead, decline the session and do a full handshake. The semantics of
cross-version resume are unclear, and all major client implementations
treat this as a fatal error. (This doesn't come up very much, mostly if
the client does the browser version fallback without sharding the
session cache.)

See BoringSSL's bdf5e72f50e25f0e45e825c156168766d8442dde and OpenSSL's
9e189b9dc10786c755919e6792e923c584c918a1.

Change-Id: I51ca95ac1691870dd0c148fd967739e2d4f58824
Reviewed-on: https://go-review.googlesource.com/21152Reviewed-by: Adam Langley <agl@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>

ebbe4f8d

Name	Last commit	Last update
..
testdata		Loading commit data...
alert.go		Loading commit data...
cipher_suites.go		Loading commit data...
common.go		Loading commit data...
conn.go		Loading commit data...
conn_test.go		Loading commit data...
example_test.go		Loading commit data...
generate_cert.go		Loading commit data...
handshake_client.go		Loading commit data...
handshake_client_test.go		Loading commit data...
handshake_messages.go		Loading commit data...
handshake_messages_test.go		Loading commit data...
handshake_server.go		Loading commit data...
handshake_server_test.go		Loading commit data...
handshake_test.go		Loading commit data...
key_agreement.go		Loading commit data...
prf.go		Loading commit data...
prf_test.go		Loading commit data...
ticket.go		Loading commit data...
tls.go		Loading commit data...
tls_test.go		Loading commit data...