mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-28 19:13:28 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

tls13: srv: improve DEBUG_MSG in case of TLS 1.2 disabled

Browse Source 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
This commit is contained in:
Yanray Wang 2023-12-08 10:51:04 +08:00
parent 408ba6f7b8
commit 177e49ad7a
2 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
library/ssl_tls13_server.c
View File

@ -1923,7 +1923,7 @@ static int ssl_tls13_process_client_hello(mbedtls_ssl_context *ssl)
/* Check if server supports TLS 1.2 */
if (!mbedtls_ssl_conf_is_tls12_enabled(ssl->conf)) {
MBEDTLS_SSL_DEBUG_MSG(
1, ("Unsupported version of TLS 1.2 was received"));
1, ("TLS 1.2 not supported."));
MBEDTLS_SSL_PEND_FATAL_ALERT(
MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER,
MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER);

3
tests/ssl-opt.sh
View File

@ -11626,8 +11626,7 @@ run_test "TLS 1.3 m->m: Not supported version check: cli TLS 1.2 only, srv TLS 1
-c "supported_versions(43) extension does not exist." \
-c "A fatal alert message was received from our peer" \
-s "The SSL configuration is tls13 only" \
-s "Unsupported version of TLS 1.2 was received" \
-s "! mbedtls_ssl_handshake returned"
-s "TLS 1.2 not supported."
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C