[openssl] master update
kaduk at mit.edu
Tue May 19 17:25:17 UTC 2020
The branch master has been updated
via b2a5001d954e81e2a582f2a935212ab554a3cbbe (commit)
via e0bcb4f97f7496af032013ead15b7472b60e85fa (commit)
from e638112e15c63bfb4ab9bf5af66aa439e5983f23 (commit)
- Log -----------------------------------------------------------------
commit b2a5001d954e81e2a582f2a935212ab554a3cbbe
Author: raja-ashok <rashok.svks at gmail.com>
Date: Wed May 13 23:37:14 2020 +0530
Update early data exchange scenarios in doc
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Ben Kaduk <kaduk at mit.edu>
(Merged from https://github.com/openssl/openssl/pull/11816)
commit e0bcb4f97f7496af032013ead15b7472b60e85fa
Author: raja-ashok <rashok.svks at gmail.com>
Date: Wed May 13 23:32:44 2020 +0530
Update limitation of psk_client_cb and psk_server_cb in usage with TLSv1.3
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Ben Kaduk <kaduk at mit.edu>
(Merged from https://github.com/openssl/openssl/pull/11816)
-----------------------------------------------------------------------
Summary of changes:
doc/man3/SSL_CTX_set_psk_client_callback.pod | 4 +++-
doc/man3/SSL_CTX_use_psk_identity_hint.pod | 4 +++-
doc/man3/SSL_read_early_data.pod | 9 +++++----
3 files changed, 11 insertions(+), 6 deletions(-)
diff --git a/doc/man3/SSL_CTX_set_psk_client_callback.pod b/doc/man3/SSL_CTX_set_psk_client_callback.pod
index 55ffb31c49..70eefa0265 100644
--- a/doc/man3/SSL_CTX_set_psk_client_callback.pod
+++ b/doc/man3/SSL_CTX_set_psk_client_callback.pod
@@ -123,7 +123,9 @@ and it will use that in preference. If no such callback is present then it will
check to see if a callback has been set via SSL_CTX_set_psk_client_callback() or
SSL_set_psk_client_callback() and use that. In this case the B<hint> value will
always be NULL and the handshake digest will default to SHA-256 for any returned
-PSK.
+PSK. TLSv1.3 early data exchanges are possible in PSK connections only with the
+B<SSL_psk_use_session_cb_func> callback, and are not possible with the
+B<SSL_psk_client_cb_func> callback.
=head1 NOTES
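Review bot: The new restriction is appended to the end of the paragraph describing the fallback to SSL_CTX_set_psk_client_callback() / SSL_set_psk_client_callback(), directly after "PSK.", where a reader looking for early data requirements is unlikely to find it, and it has no link to the early data page. Consider moving it into its own short paragraph and adding a reference to L<SSL_read_early_data(3)>. The sentence also names the callback types (B<SSL_psk_use_session_cb_func>, B<SSL_psk_client_cb_func>) while the rest of the paragraph refers to the setter functions; using the same form throughout would make it easier to see which call an application has to change.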
diff --git a/doc/man3/SSL_CTX_use_psk_identity_hint.pod b/doc/man3/SSL_CTX_use_psk_identity_hint.pod
index 937c91a3c8..0e70d4d531 100644
--- a/doc/man3/SSL_CTX_use_psk_identity_hint.pod
+++ b/doc/man3/SSL_CTX_use_psk_identity_hint.pod
@@ -83,7 +83,9 @@ via SSL_CTX_set_psk_find_session_callback() or SSL_set_psk_find_session_callback
and it will use that in preference. If no such callback is present then it will
check to see if a callback has been set via SSL_CTX_set_psk_server_callback() or
SSL_set_psk_server_callback() and use that. In this case the handshake digest
-will default to SHA-256 for any returned PSK.
+will default to SHA-256 for any returned PSK. TLSv1.3 early data exchanges are
+possible in PSK connections only with the B<SSL_psk_find_session_cb_func>
+callback, and are not possible with the B<SSL_psk_server_cb_func> callback.
A connection established via a TLSv1.3 PSK will appear as if session resumption
has occurred so that L<SSL_session_reused(3)> will return true.
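Review bot: "are not possible with the B<SSL_psk_server_cb_func> callback" does not tell a server operator what actually happens when a client offers early data and only that callback is configured: whether the early data is rejected and the handshake continues, or the connection fails. Please state the observable behaviour in the added sentence, since applications that deliberately keep the older callback need to know whether they have to handle an error. As in the client page, the text mixes callback type names with the setter function names used earlier in the same paragraph.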
diff --git a/doc/man3/SSL_read_early_data.pod b/doc/man3/SSL_read_early_data.pod
index 4f1593638c..dd86831767 100644
--- a/doc/man3/SSL_read_early_data.pod
+++ b/doc/man3/SSL_read_early_data.pod
@@ -58,10 +58,11 @@ SSL_set_allow_early_data_cb
These functions are used to send and receive early data where TLSv1.3 has been
negotiated. Early data can be sent by the client immediately after its initial
ClientHello without having to wait for the server to complete the handshake.
-Early data can only be sent if a session has previously been established with
-the server, and the server is known to support it. Additionally these functions
-can be used to send data from the server to the client when the client has not
-yet completed the authentication stage of the handshake.
+Early data can be sent if a session has previously been established with the
+server or when establishing a new session using an out-of-band PSK, and only
+when the server is known to support it. Additionally these functions can be used
+to send data from the server to the client when the client has not yet completed
+the authentication stage of the handshake.
Early data has weaker security properties than other data sent over an SSL/TLS
connection. In particular the data does not have forward secrecy. There are also
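Review bot: The rewritten sentence introduces the out-of-band PSK case without mentioning the limitation documented in the other two files of this push, namely that early data with a PSK works only through B<SSL_psk_use_session_cb_func> and B<SSL_psk_find_session_cb_func>. A reader of this page alone will not learn that, so a cross-reference to those pages belongs here. In addition, "and only when the server is known to support it" now trails both alternatives, and the text does not say how a client would know this for an out-of-band PSK, where no earlier session exists; splitting the sentence in two and saying where that knowledge comes from in each case would remove the ambiguity.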