kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

obfuscated_ticket_age must also be reset when comparing.

Browse Source 
Thanks to Eric Rescorla for catching this.

Change-Id: Id0a024d7f705519cfe76d350e0ef2688dbd11a22
Reviewed-on: https://boringssl-review.googlesource.com/12303
Reviewed-by: Nick Harper <nharper@chromium.org>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
This commit is contained in:
David Benjamin 2016-11-15 18:19:55 +09:00 committed by CQ bot account: commit-bot@chromium.org
parent 75f9914e17
commit ea80f9d5df
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
ssl/test/runner/handshake_server.go
View File

@ -637,6 +637,15 @@ ResendHelloRetryRequest:
}
newClientHelloCopy.tls13Cookie = nil
}
// PSK binders and obfuscated ticket age are both updated in the
// second ClientHello.
if len(oldClientHelloCopy.pskIdentities) != len(newClientHelloCopy.pskIdentities) {
return errors.New("tls: PSK identity count from old and new ClientHello do not match")
}
for i, identity := range oldClientHelloCopy.pskIdentities {
newClientHelloCopy.pskIdentities[i].obfuscatedTicketAge = identity.obfuscatedTicketAge
}
newClientHelloCopy.pskBinders = oldClientHelloCopy.pskBinders
if !oldClientHelloCopy.equal(&newClientHelloCopy) {