[PATCH] session ticket support
Daiki Ueno
ueno at unixuser.org
Wed Aug 19 09:53:07 CEST 2009
(Sorry, please ignore the previous incomplete message I've sent by
mistake.)
>>>>> In <878whgdcdw.fsf at mocca.josefsson.org>
>>>>> Simon Josefsson <simon at josefsson.org> wrote:
> Your FSF papers have arrived so we should push your patch into the
> official repository. Do you have an updated patch, or should I use the
> last one you posted? Having more self-tests would be nice, but not
> essential.
Yes, please use the attached one. The following changes from the
previous patch have been applied:
* Support rehandshake when _gnutls_send_new_session_ticket() is
interrupted.
* Remove a bunch of compiler warnings when configured with
--enable-gcc-warnings.
* Add one of the self-tests as you suggested:
> * What happens if the client has a session ticket but the server has
> disabled session ticket support?
However, the other one has not yet not implemented since I couldn't find
an easy way to send arbitrary extension data from applications:
> * What happens if the client provides a garbage session ticket?
>
> - Does the RFC specify what should happen? I'd assume that the
> handshake continues as normal, but I'm not sure.
It will be detected during MAC verification and reported as "decryption
failed", and then the full-handshake should take place.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: session-ticket-2009-08-19.diff.gz
Type: application/octet-stream
Size: 10748 bytes
Desc: not available
URL: </pipermail/attachments/20090819/25fdebed/attachment.obj>
-------------- next part --------------
Regards,
--
Daiki Ueno
More information about the Gnutls-devel
mailing list