git.ipfire.org Git - thirdparty/openssl.git/commit
Test+fix handling "wrong" downgrade signals
author Anton Tieleman <git@oneton.nl>
Mon, 28 Apr 2025 11:49:25 +0000 (13:49 +0200)
committer Tomas Mraz <tomas@openssl.org>
Tue, 29 Apr 2025 17:31:51 +0000 (19:31 +0200)
commit 290fd4a0c87b5f777e928a80503ee20ca6e768de
tree 8359a7c30dae94c0b4fd1bc7a34c424496416adb
parent 7535f26210afa386fe9021a79dbaea13fbb9e649
Test+fix handling "wrong" downgrade signals

This accounts for cases that can only occur when a non-compliant server sends
the wrong downgrade signal. (TLS1.1 signal when negotiating TLS1.2 or TLS1.2
signal when negotiating TLS1.0/TLS1.1). According to the TLS1.3 RFC these
cases should be rejected:

RFC8446, section 4.1.3: TLS 1.3 clients receiving a ServerHello indicating
TLS 1.2 or below MUST check that the last 8 bytes are not equal to either of
these values. TLS 1.2 clients SHOULD also check that the last 8 bytes are
not equal to the second value if the ServerHello indicates TLS 1.1 or below.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27518)
ssl/statem/statem_lib.c
test/recipes/70-test_tls13downgrade.t
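
The client-side check from RFC 8446 section 4.1.3 quoted in the commit message, written out as an added example. It is not the code from ssl/statem/statem_lib.c or from this commit; every EX_/ex_ name is hypothetical and the ServerHello.random in main() is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* TLS wire version numbers; the EX_ names are hypothetical, not OpenSSL's. */
enum { EX_TLS1_0 = 0x0301, EX_TLS1_1 = 0x0302, EX_TLS1_2 = 0x0303, EX_TLS1_3 = 0x0304 };
#define EX_RANDOM_LEN   32
#define EX_SENTINEL_LEN 8

/* RFC 8446 section 4.1.3 sentinels: ASCII "DOWNGRD" followed by 0x01 or 0x00. */
static const uint8_t ex_sentinel_tls12[EX_SENTINEL_LEN] =
    { 0x44, 0x4F, 0x57, 0x4E, 0x47, 0x52, 0x44, 0x01 };
static const uint8_t ex_sentinel_tls11[EX_SENTINEL_LEN] =
    { 0x44, 0x4F, 0x57, 0x4E, 0x47, 0x52, 0x44, 0x00 };

/* Returns 1 if the client must abort the handshake (illegal_parameter),
 * 0 if the random carries no sentinel this client has to reject. */
int ex_downgrade_detected(const uint8_t server_random[EX_RANDOM_LEN],
                          int client_max, int negotiated)
{
    const uint8_t *tail = server_random + EX_RANDOM_LEN - EX_SENTINEL_LEN;
    int has12 = memcmp(tail, ex_sentinel_tls12, EX_SENTINEL_LEN) == 0;
    int has11 = memcmp(tail, ex_sentinel_tls11, EX_SENTINEL_LEN) == 0;

    /* The server picked the client's highest version: nothing to check. */
    if (negotiated >= client_max)
        return 0;
    /* TLS 1.3 client, TLS 1.2 or below negotiated: either value is fatal,
     * including the "wrong" one for the negotiated version. */
    if (client_max >= EX_TLS1_3 && negotiated <= EX_TLS1_2)
        return has12 || has11;
    /* TLS 1.2 client, TLS 1.1 or below negotiated: only the second value. */
    if (client_max == EX_TLS1_2 && negotiated <= EX_TLS1_1)
        return has11;
    return 0;
}

int main(void)
{
    /* Constructed ServerHello.random: 24 filler bytes + the TLS 1.1 signal. */
    uint8_t server_random[EX_RANDOM_LEN];
    memset(server_random, 0xAB, sizeof(server_random));
    memcpy(server_random + 24, ex_sentinel_tls11, EX_SENTINEL_LEN);
    /* TLS 1.3 client, server chose TLS 1.2 but sent the TLS 1.1 signal. */
    printf("abort=%d\n", ex_downgrade_detected(server_random, EX_TLS1_3, EX_TLS1_2));
    return 0;
}
```

The sentinel comparison uses plain memcmp because ServerHello.random is sent in the clear, so no constant-time comparison is needed.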