git.ipfire.org Git - thirdparty/openssl.git/commit
Test+fix handling "wrong" downgrade signals
author Anton Tieleman <git@oneton.nl>
Mon, 28 Apr 2025 11:49:25 +0000 (13:49 +0200)
committer Tomas Mraz <tomas@openssl.org>
Tue, 29 Apr 2025 17:32:32 +0000 (19:32 +0200)
commit 3703a5c499f05ea8fcee57f2c9eaf0af35bd8cb3
tree f694279151e2c7625d10c189e42f6dcc890c7175
parent 1ff3ce8252f0c8ff55f06af7ad04aab1ca56c0f2
Test+fix handling "wrong" downgrade signals

This accounts for cases that can only occur when a non-compliant server sends
the wrong downgrade signal (TLS1.1 signal when negotiating TLS1.2 or TLS1.2
signal when negotiating TLS1.0/TLS1.1). According to the TLS1.3 RFC these
cases should be rejected:

RFC8446, section 4.1.3: TLS 1.3 clients receiving a ServerHello indicating
TLS 1.2 or below MUST check that the last 8 bytes are not equal to either of
these values. TLS 1.2 clients SHOULD also check that the last 8 bytes are
not equal to the second value if the ServerHello indicates TLS 1.1 or below.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27518)

(cherry picked from commit 290fd4a0c87b5f777e928a80503ee20ca6e768de)
ssl/statem/statem_lib.c
test/recipes/70-test_tls13downgrade.t
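
The client-side check described by the RFC 8446 text quoted in the commit message, as an added example; it is not the code from ssl/statem/statem_lib.c or from the OpenSSL project. The function names, enum names and the 0xA5 filler bytes in the constructed ServerHello.random are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* TLS wire version numbers; the enum names are local to this example. */
enum { V_TLS1_0 = 0x0301, V_TLS1_1 = 0x0302, V_TLS1_2 = 0x0303, V_TLS1_3 = 0x0304 };

/* RFC 8446 section 4.1.3 sentinels: ASCII "DOWNGRD" followed by 0x01 or 0x00. */
static const uint8_t SENTINEL_TLS12[8] = { 0x44, 0x4F, 0x57, 0x4E, 0x47, 0x52, 0x44, 0x01 };
static const uint8_t SENTINEL_TLS11[8] = { 0x44, 0x4F, 0x57, 0x4E, 0x47, 0x52, 0x44, 0x00 };

/*
 * Returns 1 if the ServerHello may be accepted, 0 if the handshake must be
 * aborted. client_max is the highest version the client offered, negotiated
 * is the version the ServerHello selected.
 */
int downgrade_check(const uint8_t server_random[32], int client_max, int negotiated)
{
    const uint8_t *tail = server_random + 24;      /* last 8 of 32 bytes */
    int is12 = memcmp(tail, SENTINEL_TLS12, 8) == 0;
    int is11 = memcmp(tail, SENTINEL_TLS11, 8) == 0;

    /* TLS 1.3 client, TLS 1.2 or below selected: either value is fatal,
     * including a sentinel that does not match the selected version. */
    if (client_max >= V_TLS1_3 && negotiated <= V_TLS1_2)
        return !(is12 || is11);
    /* TLS 1.2 client, TLS 1.1 or below selected: check the second value. */
    if (client_max == V_TLS1_2 && negotiated <= V_TLS1_1)
        return !is11;
    return 1;
}

/* Constructed sample input: filler random, optionally ending in a sentinel. */
void make_random(uint8_t out[32], const uint8_t *sentinel)
{
    memset(out, 0xA5, 32);
    if (sentinel != NULL)
        memcpy(out + 24, sentinel, 8);
}

int main(void)
{
    uint8_t r[32];
    make_random(r, SENTINEL_TLS11);   /* "wrong" signal for a TLS 1.2 hello */
    printf("1.3 client, 1.2 selected, TLS1.1 signal: %s\n",
           downgrade_check(r, V_TLS1_3, V_TLS1_2) ? "accept" : "reject");
    return 0;
}
```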