Thank you for the report, sorry for the delay in looking at this. This
was fixed in 1.0.1 and later but never backported for some reason.
See if this works for you:
http://cvs.openssl.org/chngview?cn=23094
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support
yep that works.
----- Original Message -----
From: Stephen Henson via RT r...@openssl.org
To: daniel black daniel.bl...@openquery.com
Cc: openssl-dev@openssl.org
Sent: Tuesday, 11 December, 2012 3:49:10 AM
Subject: [openssl.org #2888] rfc5077 violation client side causing client
issued tls
RFC5077 3.4 paragraph two allows for renewing session tickets.
SSL_CTX_set_tlsext_ticket_key_cb facilitates its implementation on the server
side allowing a return value of 2. Unfortunately the client side doesn't
recognise the sequence of messages generated and aborts.
I've used the
RFC5077 3.4 paragraph two
correction rfc5077 3.3 paragraph 2
I've also setup a server for testing:
https://nginxtest.openquery.com/
--
Daniel Black
OpenSSL Project http://www.openssl.org
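
The server-side decision that leads to the renewal path discussed in this thread, as an added example (not code from OpenSSL or from either poster): a stand-alone model of the decrypt-side return values of a ticket key callback, where 0 forces a full handshake, 1 resumes, and 2 resumes and issues a fresh ticket. The key ring layout and the names `ticket_key`, `decide_ticket` and `max_age` are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <time.h>

#define KEY_NAME_LEN 16   /* key name size used in RFC 5077's recommended ticket format */

/* Mirrors the decrypt-side return values of the ticket key callback. */
enum ticket_decision {
    TICKET_REJECT = 0,    /* unknown or expired key: fall back to a full handshake */
    TICKET_ACCEPT = 1,    /* resume; the client keeps its existing ticket */
    TICKET_RENEW  = 2     /* resume and send a new NewSessionTicket */
};

struct ticket_key {       /* hypothetical key ring entry (key material omitted) */
    unsigned char name[KEY_NAME_LEN];
    time_t created;
};

/* ring[0] is the current key; later entries are retired keys that are still
 * accepted for decryption until they are max_age seconds old. */
enum ticket_decision decide_ticket(const struct ticket_key *ring, size_t n,
                                   const unsigned char *name,
                                   time_t now, time_t max_age)
{
    for (size_t i = 0; i < n; i++) {
        /* The key name travels in the clear in the ticket, so memcmp is fine. */
        if (memcmp(ring[i].name, name, KEY_NAME_LEN) != 0)
            continue;
        if (now - ring[i].created >= max_age)
            return TICKET_REJECT;             /* too old even to decrypt with */
        return i == 0 ? TICKET_ACCEPT : TICKET_RENEW;
    }
    return TICKET_REJECT;                     /* no key with that name */
}

int main(void)
{
    /* Constructed sample ring: one current key and one retired key. */
    struct ticket_key ring[2] = { { "current", 1000 }, { "retired", 400 } };
    unsigned char presented[KEY_NAME_LEN] = "retired";

    /* A ticket sealed under the retired key resumes but must be re-issued. */
    printf("decision = %d\n", decide_ticket(ring, 2, presented, 1100, 3600));
    return 0;
}
```

A real callback would also set up the cipher and HMAC contexts for the matched key; only the return-value decision is modelled here.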