diff options
author | robot-contrib <robot-contrib@yandex-team.com> | 2022-08-10 11:44:54 +0300 |
---|---|---|
committer | robot-contrib <robot-contrib@yandex-team.com> | 2022-08-10 11:44:54 +0300 |
commit | 80e5365ef2b1dd1a7c608103d8c13c0515aa8e95 (patch) | |
tree | 4db54a4f3052afd1456be6c038bf3e9a39c51c71 /contrib/restricted/aws/s2n/tls/extensions/s2n_client_ems.c | |
parent | b1e3c856d108130762d6ca0db45802eb791e7c59 (diff) | |
download | ydb-80e5365ef2b1dd1a7c608103d8c13c0515aa8e95.tar.gz |
Update contrib/restricted/aws/s2n to 1.3.19
Diffstat (limited to 'contrib/restricted/aws/s2n/tls/extensions/s2n_client_ems.c')
-rw-r--r-- | contrib/restricted/aws/s2n/tls/extensions/s2n_client_ems.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/contrib/restricted/aws/s2n/tls/extensions/s2n_client_ems.c b/contrib/restricted/aws/s2n/tls/extensions/s2n_client_ems.c index 36ec3d339f..0fd8d83c5d 100644 --- a/contrib/restricted/aws/s2n/tls/extensions/s2n_client_ems.c +++ b/contrib/restricted/aws/s2n/tls/extensions/s2n_client_ems.c @@ -52,6 +52,16 @@ static int s2n_client_ems_recv(struct s2n_connection *conn, struct s2n_stuffer * return S2N_SUCCESS; } +/** + *= https://www.rfc-editor.org/rfc/rfc7627#section-5.3 + *= type=exception + *# When offering an abbreviated handshake, the client MUST send the + *# "extended_master_secret" extension in its ClientHello. + * + * We added an exception here in order to prevent a drop in + * session resumption rates during deployment. Eventually clients + * will be forced to do a full handshake as sessions expire and pick up EMS at that point. + **/ static bool s2n_client_ems_should_send(struct s2n_connection *conn) { /* Don't send this extension if the previous session did not negotiate EMS */ |