Changeset 796d9a3 in mod_gnutls for src/gnutls_proxy.h

Timestamp:
Jun 6, 2020, 8:06:05 AM (18 months ago)
Author:
Fiona Klute <fiona.klute@…>
Branches:
asyncio, master
Children:
4f39196
Parents:
e6d9e47
Message:

Cache session tickets for proxy connections only when using TLS 1.3

TLS 1.3 provides forward secrecy for resumed sessions, TLS 1.2 does
not. The check has to happen before the check for
GNUTLS_SFLAGS_SESSION_TICKET because that flag doesn't seem to get set
for TLS 1.2 sessions, which would lead to misleading error
messages. The check for a cache comes first because it is the most
simple one.

(No files)

Note: See TracChangeset for help on using the changeset viewer.