fragattacks/patches
Jouni Malinen fe2b7dda02 Fixed fallback to full handshake when server rejects PAC-Opaque
The TLS client changes in ssl3_get_server_hello() were based on the
pre-RFC 5077 version of OpenSSL and they hardcoded s->hit to 1 in case
PAC-Opaque was used. This prevented fallback to full TLS handshake in case
the server rejected PAC-Opaque in ClientHello. The fixed version simplifies
ssl3_get_server_hello() and uses the new RFC 5077 functionality in OpenSSL
(ssl3_check_finished) to allow the state machine handle start of
abbreviated handshake based on the used ticket.
2008-04-15 17:24:06 +03:00
..
openssl-0.9.8-tls-extensions.patch Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00
openssl-0.9.8d-tls-extensions.patch Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00
openssl-0.9.8e-tls-extensions.patch Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00
openssl-0.9.8g-tls-extensions.patch Fixed fallback to full handshake when server rejects PAC-Opaque 2008-04-15 17:24:06 +03:00
openssl-0.9.9-session-ticket.patch Fixed fallback to full handshake when server rejects PAC-Opaque 2008-04-15 17:08:15 +03:00