fe2b7dda02
The TLS client changes in ssl3_get_server_hello() were based on the pre-RFC 5077 version of OpenSSL and they hardcoded s->hit to 1 in case PAC-Opaque was used. This prevented fallback to full TLS handshake in case the server rejected PAC-Opaque in ClientHello. The fixed version simplifies ssl3_get_server_hello() and uses the new RFC 5077 functionality in OpenSSL (ssl3_check_finished) to allow the state machine handle start of abbreviated handshake based on the used ticket. |
||
---|---|---|
.. | ||
openssl-0.9.8-tls-extensions.patch | ||
openssl-0.9.8d-tls-extensions.patch | ||
openssl-0.9.8e-tls-extensions.patch | ||
openssl-0.9.8g-tls-extensions.patch | ||
openssl-0.9.9-session-ticket.patch |