]> git.ipfire.org Git - thirdparty/openssl.git/commit
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cc37ef7) | patch
Check that a supported_versions extension is present in an HRR
authorMatt Caswell <matt@openssl.org>
Thu, 1 Aug 2024 13:55:11 +0000 (14:55 +0100)
committerTomas Mraz <tomas@openssl.org>
Wed, 7 Aug 2024 17:34:23 +0000 (19:34 +0200)
commit293d0a0052166222a4b8a0bdd12e6ceca812f6ab
tree1d1edf50899738e880f9dffdeefd9a88df7691b8tree
parentcc37ef7d90871f64a3f6bb5f42d20a7b88ebc6a3commit | diff
Check that a supported_versions extension is present in an HRR

If an HRR is sent then it MUST contain supported_versions according to the
RFC. We were sanity checking any supported_versions extension that was sent
but failed to verify that it was actually present.

Fixes #25041

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25068)
crypto/err/openssl.txt diff | blob | blame | history
include/openssl/sslerr.h diff | blob | blame | history
ssl/ssl_err.c diff | blob | blame | history
ssl/statem/extensions.c diff | blob | blame | history
Mirror of https://github.com/openssl/openssl.git