Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do not allow dropping Extended Master Secret extension on renegotiaton #81

Merged
merged 1 commit into from Sep 22, 2021
Merged

Do not allow dropping Extended Master Secret extension on renegotiaton #81

merged 1 commit into from Sep 22, 2021

Conversation

hustliyilin
Copy link
Contributor

Abort renegotiation if server receives client hello with Extended Master
Secret extension dropped in comparison to the initial session.

Fixes #9754

Reviewed-by: Matt Caswell matt@openssl.org
(Merged from openssl/openssl#12045)

(cherry picked from commit 11d3235e2b5a1dc9f48c040b1f1b6bea86ffc745)
[Yilin: drop CHANGES.md and rebase babassl-8.2.1]

Signed-off-by: YiLin.Li YiLin.Li@linux.alibaba.com

@hustliyilin
Copy link
Contributor Author

hustliyilin commented Sep 19, 2021
edited

This patch is both from upstream and redhat's openssl-1.1.1g.src.rpm. So I cherry picked from commit 11d3235e2b5a1dc9f48c040b1f1b6bea86ffc745 and drop the CHANGES.md and rebase babassl-8.2.1.

@wa5i
Copy link
Contributor

wa5i commented Sep 22, 2021

image
Why is the patch of this test case file not merged?(in PR: https://github.com/openssl/openssl/pull/12045/files#diff-f6891342191bcd082c79f864756899f88ccc4c629728b8bf639b6b91650f5ce2)

@hustliyilin
Copy link
Contributor Author

image
Why is the patch of this test case file not merged?(in PR: https://github.com/openssl/openssl/pull/12045/files#diff-f6891342191bcd082c79f864756899f88ccc4c629728b8bf639b6b91650f5ce2)

OK,LGTM,I'll add it.

@t8m @hustliyilin
Do not allow dropping Extended Master Secret extension on renegotiaton
8bb830f 
Abort renegotiation if server receives client hello with Extended Master
Secret extension dropped in comparison to the initial session.

Fixes #9754

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from openssl/openssl#12099)

(cherry picked from commit 4b7097025305b219694dd8b04f84155cd12fb71d)
[Yilin: drop CHANGES.md]

Signed-off-by: YiLin.Li <YiLin.Li@linux.alibaba.com>
@hustliyilin
Copy link
Contributor Author

hustliyilin commented Sep 22, 2021
edited

I re-backport this patch from the openssl OpenSSL_1_1_1-stable branch rather than from the openssl master branch, the test commit can't be added to the openssl OpenSSL_1_1_1-stable branch according to the following @jinjiu @uudiin

image

@wa5i wa5i merged commit 29e6f63 into Tongsuo-Project:master Sep 22, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@InfoHunter InfoHunter InfoHunter approved these changes

@uudiin uudiin uudiin approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@hustliyilin @wa5i @InfoHunter @uudiin @t8m