Only permit CCS messages if requesting middlebox compatibility mode.
author jsing <jsing@openbsd.org>
Sun, 11 Sep 2022 14:33:07 +0000 (14:33 +0000)
committer jsing <jsing@openbsd.org>
Sun, 11 Sep 2022 14:33:07 +0000 (14:33 +0000)
commit 52999e1f7e30b54f4a2484ac63d95db925c9b889
tree 79942f071f269003b1339257bc78346a30f5ba15
parent a7bd9199e024450bb4d67cdaf576d14eeaddc31e
Only permit CCS messages if requesting middlebox compatibility mode.

Currently the TLSv1.3 client always permits the server to send CCS
messages. Be more strict and only permit this if the client is actually
requesting middlebox compatibility mode.

ok tb@
lib/libssl/tls13_client.c
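
The policy described in the commit message, sketched as an added example (this is not LibreSSL's code; the struct, enum and function names are hypothetical). It assumes the RFC 8446 rules that middlebox compatibility mode is requested by a non-empty legacy_session_id in the ClientHello and that a tolerated CCS record is the single byte 0x01 received between the ClientHello and the server's Finished, so it goes slightly beyond the one condition the commit names.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical client handshake state; field names are illustrative. */
struct client_state {
    bool client_hello_sent;
    bool server_finished_seen;
    bool ccs_allowed;          /* decided once, when ClientHello is built */
};

enum ccs_verdict { CCS_DROP, CCS_ALERT_UNEXPECTED_MESSAGE };

/* Compat mode is requested by sending a non-empty legacy_session_id
 * (RFC 8446, Appendix D.4). Only then is a server CCS tolerated. */
void client_hello_built(struct client_state *cs, size_t session_id_len)
{
    cs->client_hello_sent = true;
    cs->ccs_allowed = (session_id_len > 0);
}

/* Decide what to do with an unencrypted change_cipher_spec record. */
enum ccs_verdict handle_ccs(const struct client_state *cs,
    const uint8_t *payload, size_t len)
{
    /* Strict policy: compat mode was not requested, so CCS is an error. */
    if (!cs->ccs_allowed)
        return CCS_ALERT_UNEXPECTED_MESSAGE;
    /* Valid only between our ClientHello and the server's Finished. */
    if (!cs->client_hello_sent || cs->server_finished_seen)
        return CCS_ALERT_UNEXPECTED_MESSAGE;
    /* The record body must be exactly the single byte 0x01. */
    if (len != 1 || payload[0] != 0x01)
        return CCS_ALERT_UNEXPECTED_MESSAGE;
    return CCS_DROP; /* discard without passing it to the handshake */
}

int main(void)
{
    struct client_state cs = {0};
    const uint8_t ccs[] = { 0x01 }; /* constructed sample record body */

    client_hello_built(&cs, 0);     /* empty session id: no compat mode */
    return handle_ccs(&cs, ccs, sizeof(ccs)) ==
        CCS_ALERT_UNEXPECTED_MESSAGE ? 0 : 1;
}
```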