CVSROOT: /cvs Module name: src Changes by: t...@cvs.openbsd.org 2020/03/06 09:36:47
Modified files:
lib/libssl : ssl_clnt.c
Log message:
RFC 8446, section 4.1.3: If a TLSv1.2 client receives a ServerHello for
TLSv1.1 or below, it should check whether the server's random value
contains the magic downgrade protection cookie and in that case abort
the handshake with an illegal parameter alert.
ok inoguchi, jsing
