Skip to content
  1. Jan 03, 2018
    • Benjamin Kaduk's avatar
      Permit the "supported_groups" extension in ServerHellos · 7bc2bddb
      Benjamin Kaduk authored
      
      
      Although this is forbidden by all three(!) relevant specifications,
      there seem to be multiple server implementations in the wild that
      send it.  Since we didn't check for unexpected extensions in any
      given message type until TLS 1.3 support was added, our previous
      behavior was to silently accept these extensions and pass them over
      to the custom extension callback (if any).  In order to avoid
      regression of functionality, relax the check for "extension in
      unexpected context" for this specific case, but leave the protocol
      enforcment mechanism unchanged for other extensions and in other
      extension contexts.
      
      Leave a detailed comment to indicate what is going on.
      
      Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
      Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
      (Merged from https://github.com/openssl/openssl/pull/4463)
      7bc2bddb
  2. Jan 02, 2018
  3. Dec 28, 2017
  4. Dec 27, 2017
  5. Dec 26, 2017
  6. Dec 25, 2017
  7. Dec 23, 2017
  8. Dec 22, 2017
  9. Dec 18, 2017
  10. Dec 17, 2017
  11. Dec 15, 2017
  12. Dec 14, 2017