[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] session ticket support
From: |
Nikos Mavrogiannopoulos |
Subject: |
Re: [PATCH] session ticket support |
Date: |
Thu, 30 Jul 2009 23:48:43 +0300 |
On Tue, Jul 28, 2009 at 4:27 AM, Daiki Ueno<address@hidden> wrote:
> When I changed _gnutls_recv_new_session_ticket to generate new session
> ID, it started to work. I attach the new patch, which includes:
[...]
Hello Daiki,
I have some questions for you. I was checking the parts that unpack
and pack the session and was wondering whether using the
_gnutls_session_pack() would be possible. In that case both
implementations of the DB and session ticket backends will share
common code. The parts that triggered my interest there is that the
rfc suggests some structures that are actually another implementation
of those gnutls functions (and the individual cases such as
psk/certificates are already handled there). Do you think that the rfc
format for packed data would be more suitable, or there are reasons to
use it instead of the internal?
Another issue I noticed while checking the code is that if the session
ticket doesn't decrypt well or doesn't verify well, an error is
returned... Wouldn't it be more appropriate to just continue ignoring
the ticket and perform a full handshake?
all best,
Nikos
- [PATCH] session ticket support, Daiki Ueno, 2009/07/14
- Re: [PATCH] session ticket support, Nikos Mavrogiannopoulos, 2009/07/14
- Re: [PATCH] session ticket support, Nikos Mavrogiannopoulos, 2009/07/16
- Re: [PATCH] session ticket support, Daiki Ueno, 2009/07/17
- Re: [PATCH] session ticket support, Nikos Mavrogiannopoulos, 2009/07/17
- Re: [PATCH] session ticket support, Nikos Mavrogiannopoulos, 2009/07/25
- Re: [PATCH] session ticket support, Daiki Ueno, 2009/07/25
- Re: [PATCH] session ticket support, Nikos Mavrogiannopoulos, 2009/07/26
- Re: [PATCH] session ticket support, Daiki Ueno, 2009/07/27
- Re: [PATCH] session ticket support, Nikos Mavrogiannopoulos, 2009/07/29
- Re: [PATCH] session ticket support,
Nikos Mavrogiannopoulos <=