artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0d60206) | patch
TLSv1.3 server: avoid sending alerts in legacy records
authortb <tb@openbsd.org>
Tue, 8 Jun 2021 17:41:52 +0000 (17:41 +0000)
committertb <tb@openbsd.org>
Tue, 8 Jun 2021 17:41:52 +0000 (17:41 +0000)
commit6f6f3cb98ab1750835c247386b5e8f8015a29b5e
treee133acdf1d84c4d8876b7614b40fe67be7ac60d6tree | snapshot
parent0d60206666fb7858771dd072f581da074bd51554commit | diff
TLSv1.3 server: avoid sending alerts in legacy records

As soon as we know that we're dealing with a TLSv1.3 client, set
the legacy version in the record layer to 0x0303 so that we send
alerts with the correct record version.  Previously we would send
early alerts with a record version of 0x0300.

ok jsing
lib/libssl/tls13_server.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim