diff options
author | Fedor Indutny <fedor@indutny.com> | 2016-03-11 17:44:01 +0300 |
---|---|---|
committer | Kurt Roeckx <kurt@roeckx.be> | 2016-03-27 23:58:50 +0200 |
commit | ccae4a1582efcad311d095a8e6832b2b67d5ed05 (patch) | |
tree | a07c60e09166c40dcd6142f4c37888cb570f6ef1 /ssl/ssl_err.c | |
parent | ce84456ddf4e57c18a84858755b8b90c183a270e (diff) | |
download | openssl-ccae4a1582efcad311d095a8e6832b2b67d5ed05.tar.gz |
Allow different protocol version when trying to reuse a session
We now send the highest supported version by the client, even if the session
uses an older version.
This fixes 2 problems:
- When you try to reuse a session but the other side doesn't reuse it and
uses a different protocol version the connection will fail.
- When you're trying to reuse a session with an old version you might be
stuck trying to reuse the old version while both sides support a newer
version
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
GH: #852, MR: #2452
Diffstat (limited to 'ssl/ssl_err.c')
-rw-r--r-- | ssl/ssl_err.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index 88f6c73cfe..d0cadc60f0 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -634,6 +634,8 @@ static ERR_STRING_DATA SSL_str_reasons[] = { "ssl session id context too long"}, {ERR_REASON(SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH), "ssl session id has bad length"}, + {ERR_REASON(SSL_R_SSL_SESSION_VERSION_MISMATCH), + "ssl session version mismatch"}, {ERR_REASON(SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER), "tls client cert req with anon cipher"}, {ERR_REASON(SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT), |