Commit 10b9aa70 authored by Vladimír Čunát's avatar Vladimír Čunát Committed by Petr Špaček

TLS session resumption: disable on gnutls < 3.5

parent ded25f73
......@@ -5,6 +5,7 @@ Security
New features
------------
- TLS session resumption (RFC 5077), both server and client (!585, #105)
(disabled when compiling with gnutls < 3.5)
- aggressive caching for NSEC3 zones
- optional protection from DNS Rebinding attack (module rebinding)
......
......@@ -240,6 +240,10 @@ tst_ctx_t * tls_session_ticket_ctx_create(uv_loop_t *loop, const char *secret,
size_t secret_len)
{
assert(loop && (!secret_len || secret));
#if GNUTLS_VERSION_NUMBER < 0x030500
/* We would need different SESSION_KEY_SIZE; avoid assert. */
return NULL;
#endif
tst_ctx_t *ctx = tst_key_create(secret, secret_len, loop);
if (ctx) {
tst_key_check(&ctx->timer, true);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment