KNOWN_BUGS: Schannel TLS 1.2 handshake bug in old Windows versions

author Jay Satiro <raysatiro@yahoo.com>

Tue, 18 Aug 2020 07:24:38 +0000 (03:24 -0400)

committer Jay Satiro <raysatiro@yahoo.com>

Tue, 18 Aug 2020 07:24:38 +0000 (03:24 -0400)
author Jay Satiro <raysatiro@yahoo.com>
Tue, 18 Aug 2020 07:24:38 +0000 (03:24 -0400)
committer Jay Satiro <raysatiro@yahoo.com>
Tue, 18 Aug 2020 07:24:38 +0000 (03:24 -0400)
diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS

index 583995caca4e4d29b38b4f28461e510165e39937..e35172dafe93aad212b1d2564cc0dd8ea65cc556 100644 (file)
--- a/docs/KNOWN_BUGS
+++ b/docs/KNOWN_BUGS
@@ -32,6 +32,7 @@ problems may have been fixed or changed somewhat since this was written!
   2.8 Schannel disable CURLOPT_SSL_VERIFYPEER and verify hostname
   2.9 TLS session cache doesn't work with TFO
   2.10 Store TLS context per transfer instead of per connection
+ 2.11 Schannel TLS 1.2 handshake bug in old Windows versions
  
   3. Email protocols
   3.1 IMAP SEARCH ALL truncated response
@@ -276,6 +277,14 @@ problems may have been fixed or changed somewhat since this was written!
  
   https://github.com/curl/curl/issues/5102
  
+2.11 Schannel TLS 1.2 handshake bug in old Windows versions
+
+ In old versions of Windows such as 7 and 8.1 the Schannel TLS 1.2 handshake
+ implementation likely has a bug that can rarely cause the key exchange to
+ fail, resulting in error SEC_E_BUFFER_TOO_SMALL or SEC_E_MESSAGE_ALTERED.
+
+ https://github.com/curl/curl/issues/5488
+
  3. Email protocols
  
  3.1 IMAP SEARCH ALL truncated response
author	Jay Satiro <raysatiro@yahoo.com>
	Tue, 18 Aug 2020 07:24:38 +0000 (03:24 -0400)
committer	Jay Satiro <raysatiro@yahoo.com>
	Tue, 18 Aug 2020 07:24:38 +0000 (03:24 -0400)