mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-18 05:42:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Improve the changelog entry for fixing legacy compression issue

Browse Source 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
This commit is contained in:
Waleed Elmelegy 2024-08-22 16:27:27 +00:00
parent b5df9d8b65
commit 65e73c88bd
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
ChangeLog.d/fix-legacy-compression-issue.txt
View File

@ -1,7 +1,7 @@
Bugfix Bugfix
* Fix an issue where ssl_tls13_parse_client_hello() assumed legacy_compression_methods * Fix an issue where TLS 1.2 clients who send a ClientHello message with
length would always be zero, which is true for TLS 1.3. However, with TLS 1.3 enabled legacy_compression_methods get a failure in connection because TLS 1.3
by default, all ClientHello requests (including TLS 1.2 requests) are initially is enabled by default and the server rejects the ClientHello packet as
processed by ssl_tls13_parse_client_hello() before being passed to the TLS 1.2 malformed for TLS 1.3 in a way that stops the fallback to TLS 1.2.
parsing function. This caused an issue where legacy_compression_methods fixes #8995, #9243.
might not be zero for TLS 1.2 requests, as it is processed earlier.