Skip to content
  1. Jan 23, 2018
  2. Jan 22, 2018
  3. Jan 21, 2018
  4. Jan 20, 2018
  5. Jan 19, 2018
  6. Jan 18, 2018
  7. Jan 17, 2018
  8. Jan 16, 2018
  9. Jan 15, 2018
  10. Jan 14, 2018
  11. Jan 13, 2018
  12. Jan 12, 2018
  13. Jan 10, 2018
  14. Jan 09, 2018
    • Matt Caswell's avatar
      Tolerate DTLS alerts with an incorrect version number · 08455bc9
      Matt Caswell authored
      
      
      In the case of a protocol version alert being sent by a peer the record
      version number may not be what we are expecting. In DTLS records with an
      unexpected version number are silently discarded. This probably isn't
      appropriate for alerts, so we tolerate a mismatch in the minor version
      number.
      
      This resolves an issue reported on openssl-users where an OpenSSL server
      chose DTLS1.0 but the client was DTLS1.2 only and sent a protocol_version
      alert with a 1.2 record number. This was silently ignored by the server.
      
      Reviewed-by: default avatarViktor Dukhovni <viktor@openssl.org>
      (Merged from https://github.com/openssl/openssl/pull/5018)
      08455bc9