Index: third_party/tlslite/tlslite/tlsconnection.py |
diff --git a/third_party/tlslite/tlslite/tlsconnection.py b/third_party/tlslite/tlslite/tlsconnection.py |
index 7363a309d24d9fa16bd09ebba10ca8edd55a7a75..6e26fdd7508234722e1d56a76459dc99e32af788 100644 |
--- a/third_party/tlslite/tlslite/tlsconnection.py |
+++ b/third_party/tlslite/tlslite/tlsconnection.py |
@@ -609,8 +609,8 @@ class TLSConnection(TLSRecordLayer): |
# Create the session object which is used for resumptions |
self.session = Session() |
self.session.create(masterSecret, serverHello.session_id, cipherSuite, |
- srpUsername, clientCertChain, serverCertChain, |
- tackExt, serverHello.tackExt!=None, serverName) |
+ srpUsername, clientCertChain, serverCertChain, clientHello.random, |
+ serverHello.random, tackExt, serverHello.tackExt!=None, serverName) |
self._handshakeDone(resumed=False) |
@@ -1411,8 +1411,8 @@ class TLSConnection(TLSRecordLayer): |
if clientHello.server_name: |
serverName = clientHello.server_name.decode("utf-8") |
self.session.create(masterSecret, serverHello.session_id, cipherSuite, |
- srpUsername, clientCertChain, serverCertChain, |
- tackExt, serverHello.tackExt!=None, serverName) |
+ srpUsername, clientCertChain, serverCertChain, clientHello.random, |
+ serverHello.random, tackExt, serverHello.tackExt!=None, serverName) |
#Add the session object to the session cache |
if sessionCache and sessionID: |
@@ -1536,6 +1536,10 @@ class TLSConnection(TLSRecordLayer): |
serverHello.extended_master_secret = \ |
clientHello.extended_master_secret and \ |
settings.enableExtendedMasterSecret |
+ for param in clientHello.tb_client_params: |
+ if param in settings.supportedTokenBindingParams: |
+ serverHello.tb_params = param |
+ break |
for result in self._sendMsg(serverHello): |
yield result |