public/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/util
History
Matt Caswell 4e8548e80e Introduce the recv_max_early_data setting 
Previoulsy we just had max_early_data which controlled both the value of
max early_data that we advertise in tickets *and* the amount of early_data
that we are willing to receive from clients. This doesn't work too well in
the case where we want to reduce a previously advertised max_early_data
value. In that case clients with old, stale tickets may attempt to send us
more early data than we are willing to receive. Instead of rejecting the
early data we abort the connection if that happens.

To avoid this we introduce a new "recv_max_early_data" value. The old
max_early_data becomes the value that is advertised in tickets while
recv_max_early_data is the maximum we will tolerate from clients.

Fixes #6647

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/6655)
2018-07-06 09:26:39 +01:00
..
perl export data_dir of Test.pm, which was forgotten in #5928 2018-06-11 17:01:52 +02:00
add-depends.pl VMS C: reduce the dependency paths to be relative 2018-03-16 09:33:54 +01:00
build.info VMS: throw away [.util]shareable_image_wrap.c.in and add replacement scripts 2017-03-14 22:27:17 +01:00
check-malloc-errs Fix last(?) batch of malloc-NULL places 2018-04-26 14:02:24 -04:00
ck_errf.pl Update copyright year 2018-06-20 15:29:23 +01:00
copy.pl Update copyright year 2018-05-29 13:16:04 +01:00
dofile.pl Revert "util/dofile.pl: only quote stuff that actually needs quoting" 2018-03-29 09:11:44 +02:00
find-doc-nits Copyright update of more files that have changed this year 2018-01-19 13:34:03 +01:00
find-unused-errs Add -f -r flags to find-unused-errs 2017-04-16 07:57:12 -04:00
indent.pro Style: ssl.h 2018-04-18 09:04:55 +01:00
libcrypto.num Modify the DEVRANDOM source so that the files are kept open persistently. 2018-06-27 07:15:36 +10:00
libssl.num Introduce the recv_max_early_data setting 2018-07-06 09:26:39 +01:00
local_shlib.com.in VMS: don't use /DSF, turn off CALL_DEBUG instead 2017-03-15 03:09:57 +01:00
mkbuildinf.pl Fix SOURCE_DATE_EPOCH bug; use UTC 2017-11-27 14:34:14 -05:00
mkdef.pl Configurations/10-main.conf: replace -bexpall with explicit list on AIX. 2018-06-13 10:48:27 +02:00
mkdir-p.pl utils/mkdir-p: check if dir exists also after mkdir failed 2016-06-23 11:10:29 -04:00
mkerr.pl Small simplification in mkerr.pl 2018-02-09 07:04:32 -05:00
mkrc.pl Update copyright year 2018-04-03 13:57:12 +01:00
openssl-format-source Fix some Typos and indents 2017-08-11 10:16:33 -04:00
openssl-update-copyright Enhance util/openssl-update-copyright shell script 2018-01-10 18:23:28 +01:00
opensslwrap.sh opensslwrap.sh to respect $OPENSSL_ENGINES. 2006-12-29 15:00:36 +00:00
private.num Document the new early data callback and option 2018-07-02 15:06:12 +01:00
process_docs.pl Update copyright year 2018-05-29 13:16:04 +01:00
shlib_wrap.sh.in Configure,util/shlib_wrap.sh: harmonize -Wl and -rpath handling. 2018-06-22 11:17:57 +02:00
su-filter.pl Remove trailing whitespace from some files. 2016-10-10 23:36:21 +01:00
unlocal_shlib.com.in VMS: don't use /DSF, turn off CALL_DEBUG instead 2017-03-15 03:09:57 +01:00