Tolerate cipher changes on TLS 1.3 resumption as a client. As a client, we must tolerate this to avoid interoperability failures with allowed server behaviors. BUG=117 Change-Id: I9c40a2a048282e2e63ab5ee1d40773fc2eda110a Reviewed-on: https://boringssl-review.googlesource.com/12311 Reviewed-by: David Benjamin <davidben@google.com>

commit: e1cc35e581a6d42f618d8c783f36faebc6023bb7 [log] [tgz]
author: David Benjamin <davidben@google.com> Wed Nov 16 16:25:58 2016 +0900
committer: David Benjamin <davidben@google.com> Wed Nov 16 13:27:07 2016 +0000
tree: 72618947771130b26a781aa673adcd0c444ab193
parent: 2b02f4b67d801fc396578b2f63102d6d5be51421 [diff] [blame]
diff --git a/ssl/tls13_client.c b/ssl/tls13_client.c
index ee82535..4a30ce3 100644
--- a/ssl/tls13_client.c
+++ b/ssl/tls13_client.c

@@ -241,8 +241,8 @@
       return ssl_hs_error;
     }
 
-    if (ssl->session->cipher != cipher) {
-      OPENSSL_PUT_ERROR(SSL, SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
+    if (ssl->session->cipher->algorithm_prf != cipher->algorithm_prf) {
+      OPENSSL_PUT_ERROR(SSL, SSL_R_OLD_SESSION_PRF_HASH_MISMATCH);
       ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
       return ssl_hs_error;
     }
commit	e1cc35e581a6d42f618d8c783f36faebc6023bb7	[log] [tgz]
author	David Benjamin <davidben@google.com>	Wed Nov 16 16:25:58 2016 +0900
committer	David Benjamin <davidben@google.com>	Wed Nov 16 13:27:07 2016 +0000
tree	72618947771130b26a781aa673adcd0c444ab193
parent	2b02f4b67d801fc396578b2f63102d6d5be51421 [diff] [blame]