[openssl-dev] Minor bug in custom TLS extensions

Bill Cox waywardgeek at google.com
Wed Sep 2 14:50:31 UTC 2015


On Wed, Sep 2, 2015 at 3:01 AM, Emilia Käsper <emilia at openssl.org> wrote:

>
> As far as I can see, the OpenSSL client processes extensions in the order
> they come in. But nothing is guaranteed.
>

I checked with the IETF tokbind list, and they say the server should not
send the TB header on session resume, so I'll change my code accordingly.
It looks like I have no need for this change to custom extensions after
all. Thanks for the help!

As for the order issue, we parse headers before creating any, so I'll just
not add the header in the AddCallback if s->hit is set on the server side.
This should behave well long term, I think.

Again, thank you for all the help so far.  I owe you a virtual beer :)

Bill