Branch: refs/heads/master
Home: https://github.com/openssl/openssl

Commit: 2093428834151ea4788aa773b5aa2d35e0bbc90a
  https://github.com/openssl/openssl/commit/2093428834151ea4788aa773b5aa2d35e0bbc90a
Author: Matt Caswell <m...@openssl.org>
Date: 2022-08-29 (Mon, 29 Aug 2022)

Changed paths:
  M ssl/record/methods/tlsany_meth.c

Log Message:
-----------
Tolerate a bad record version in TLSv1.3 plaintext records

When a server responds to a second TLSv1.3 ClientHello it is required to set the legacy_record_version to 0x0303 (TLSv1.2). The client is required to ignore that field even if it is wrong.

The recent changes to the read record layer in PR #18132 made the record layer stricter and it was checking that the legacy_record_version was the correct value. This caused connection failures when talking to buggy servers that set the wrong legacy_record_version value.

We make us more tolerant again.

Fixes #19051

Reviewed-by: Dmitry Belyavskiy <beld...@gmail.com>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19058)

Commit: 723844d3762c05727e8f6f21d0a1098e23302ebd
  https://github.com/openssl/openssl/commit/723844d3762c05727e8f6f21d0a1098e23302ebd
Author: Matt Caswell <m...@openssl.org>
Date: 2022-08-29 (Mon, 29 Aug 2022)

Changed paths:
  M test/recipes/70-test_sslrecords.t

Log Message:
-----------
Test that we ignore a bad record version in a plaintext TLSv1.3 record

The RFC requires us to ignore this field in plaintext records - so even if it is set incorrectly we should tolerate it.

Reviewed-by: Dmitry Belyavskiy <beld...@gmail.com>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19058)

Compare: https://github.com/openssl/openssl/compare/6347b86778a3...723844d3762c
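
The behaviour the two log messages describe, as an added example that is not OpenSSL's code and not part of the original notification: a 5-byte plaintext record header parser with a strict mode (rejects a legacy_record_version other than 0x0303) beside a tolerant mode (ignores the field), where the type and length checks stay in force either way. All function, type and constant names and the sample header bytes are assumptions constructed for illustration; the wrong version value 0x0304 is a constructed sample, not a value taken from issue #19051.

```c
/* Added example, not OpenSSL code: every name below is hypothetical. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define REC_HDR_LEN       5      /* type(1) + legacy_record_version(2) + length(2) */
#define TLS1_2_WIRE       0x0303
#define MAX_PLAINTEXT_LEN 16384  /* 2^14, plaintext limit in RFC 8446 section 5.1 */

enum rec_status { REC_OK, REC_SHORT, REC_BAD_TYPE, REC_BAD_VERSION, REC_TOO_LONG };
struct rec_hdr { uint8_t type; uint16_t legacy_version; uint16_t length; };

/* Constructed sample headers: handshake records (type 22). */
static const uint8_t HDR_GOOD[]    = { 22, 0x03, 0x03, 0x00, 0x5a };
static const uint8_t HDR_BAD_VER[] = { 22, 0x03, 0x04, 0x00, 0x5a }; /* wrong version */
static const uint8_t HDR_TOO_BIG[] = { 22, 0x03, 0x04, 0x40, 0x01 }; /* 16385 bytes */

/* strict != 0 rejects any legacy_record_version other than 0x0303;
 * strict == 0 records the field for logging but never acts on it. */
enum rec_status parse_plaintext_hdr(const uint8_t *buf, size_t len, int strict,
                                    struct rec_hdr *out)
{
    if (len < REC_HDR_LEN)
        return REC_SHORT;
    out->type = buf[0];
    out->legacy_version = (uint16_t)((buf[1] << 8) | buf[2]);
    out->length = (uint16_t)((buf[3] << 8) | buf[4]);

    /* Checks that apply in both modes (simplified here to types 20..23). */
    if (out->type < 20 || out->type > 23)
        return REC_BAD_TYPE;
    if (out->length > MAX_PLAINTEXT_LEN)
        return REC_TOO_LONG;

    if (strict && out->legacy_version != TLS1_2_WIRE)
        return REC_BAD_VERSION;
    return REC_OK;
}

int main(void)
{
    struct rec_hdr h;
    printf("strict,   good version: %d\n", parse_plaintext_hdr(HDR_GOOD, 5, 1, &h));
    printf("strict,   bad version:  %d\n", parse_plaintext_hdr(HDR_BAD_VER, 5, 1, &h));
    printf("tolerant, bad version:  %d\n", parse_plaintext_hdr(HDR_BAD_VER, 5, 0, &h));
    printf("tolerant, oversized:    %d\n", parse_plaintext_hdr(HDR_TOO_BIG, 5, 0, &h));
    return 0;
}
```

Ignoring the version field relaxes only that one comparison; the oversized sample is still rejected in tolerant mode.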