diff options
author | beck <> | 2020-01-23 07:30:55 +0000 |
---|---|---|
committer | beck <> | 2020-01-23 07:30:55 +0000 |
commit | d0a2a4304e8bc55b8e532933c8af4982563b033b (patch) | |
tree | 3c6241065cc972e1b55e086b389921e9aa5eb52d /src/lib/libssl/tls13_internal.h | |
parent | a47fd2152ee5040be19d80d3d11f26ce798836f5 (diff) | |
download | openbsd-d0a2a4304e8bc55b8e532933c8af4982563b033b.tar.gz openbsd-d0a2a4304e8bc55b8e532933c8af4982563b033b.tar.bz2 openbsd-d0a2a4304e8bc55b8e532933c8af4982563b033b.zip |
Add checking int the client to check the magic values which are
set by a 1.3 server when it downgrades to tls 1.2 or 1.1 as per
RFC 8446 section 4.1.3
ok jsing@
Diffstat (limited to 'src/lib/libssl/tls13_internal.h')
-rw-r--r-- | src/lib/libssl/tls13_internal.h | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/lib/libssl/tls13_internal.h b/src/lib/libssl/tls13_internal.h index 12ba5750a0..f11d96f2ea 100644 --- a/src/lib/libssl/tls13_internal.h +++ b/src/lib/libssl/tls13_internal.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: tls13_internal.h,v 1.48 2020/01/23 05:08:30 jsing Exp $ */ | 1 | /* $OpenBSD: tls13_internal.h,v 1.49 2020/01/23 07:30:55 beck Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2018 Bob Beck <beck@openbsd.org> | 3 | * Copyright (c) 2018 Bob Beck <beck@openbsd.org> |
4 | * Copyright (c) 2018 Theo Buehler <tb@openbsd.org> | 4 | * Copyright (c) 2018 Theo Buehler <tb@openbsd.org> |
@@ -305,6 +305,9 @@ int tls13_error_setx(struct tls13_error *error, int code, int subcode, | |||
305 | tls13_error_setx(&(ctx)->error, (code), (subcode), __FILE__, __LINE__, \ | 305 | tls13_error_setx(&(ctx)->error, (code), (subcode), __FILE__, __LINE__, \ |
306 | (fmt), __VA_ARGS__) | 306 | (fmt), __VA_ARGS__) |
307 | 307 | ||
308 | extern uint8_t tls13_downgrade_12[8]; | ||
309 | extern uint8_t tls13_downgrade_11[8]; | ||
310 | |||
308 | __END_HIDDEN_DECLS | 311 | __END_HIDDEN_DECLS |
309 | 312 | ||
310 | #endif | 313 | #endif |