Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 247b8e52527ed4facd9ff07cdef0df819193c0c3 https://github.com/openssl/openssl/commit/247b8e52527ed4facd9ff07cdef0df819193c0c3 Author: Matt Caswell <m...@openssl.org> Date: 2022-10-12 (Wed, 12 Oct 2022)
Changed paths: M ssl/statem/extensions_clnt.c M ssl/statem/extensions_srvr.c Log Message: ----------- Ensure that the key share group is allowed for our protocol version We should never send or accept a key share group that is not in the supported groups list or a group that isn't suitable for use in TLSv1.3 Reviewed-by: Paul Dale <pa...@openssl.org> Reviewed-by: Dmitry Belyavskiy <beld...@gmail.com> (Merged from https://github.com/openssl/openssl/pull/19317) Commit: 04719b208992750ffe2b9232c62ca9179185f3e5 https://github.com/openssl/openssl/commit/04719b208992750ffe2b9232c62ca9179185f3e5 Author: Matt Caswell <m...@openssl.org> Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M test/recipes/70-test_key_share.t Log Message: ----------- Add a test for where a client sends a non-TLSv1.3 key share This should not happen but we should tolerate and send an HRR Reviewed-by: Paul Dale <pa...@openssl.org> Reviewed-by: Dmitry Belyavskiy <beld...@gmail.com> (Merged from https://github.com/openssl/openssl/pull/19317) Commit: 7b141d4934ab1254d65fd1859ca1c6eff1113b50 https://github.com/openssl/openssl/commit/7b141d4934ab1254d65fd1859ca1c6eff1113b50 Author: Matt Caswell <m...@openssl.org> Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M test/ssl-tests/14-curves.cnf M test/ssl-tests/14-curves.cnf.in Log Message: ----------- Add a test for TLSv1.3 only client sending a correct key_share Make sure that a TLSv1.3 only client does not send a TLSv1.3 key_share. Reviewed-by: Paul Dale <pa...@openssl.org> Reviewed-by: Dmitry Belyavskiy <beld...@gmail.com> (Merged from https://github.com/openssl/openssl/pull/19317) Compare: https://github.com/openssl/openssl/compare/f78c51995e35...7b141d4934ab