diff options
| author | Matt Caswell <matt@openssl.org> | 2018-07-19 16:51:58 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2018-07-20 10:52:02 +0100 |
| commit | d8434cf85691f32a17dcdfed6e81769a001074dd (patch) | |
| tree | 60081d7183d042598d3ba886ab9f607b41d2c354 /crypto/err | |
| parent | d6ce9da49b131cad85da8c94c617febf6c8d9073 (diff) | |
| download | openssl-d8434cf85691f32a17dcdfed6e81769a001074dd.zip openssl-d8434cf85691f32a17dcdfed6e81769a001074dd.tar.gz openssl-d8434cf85691f32a17dcdfed6e81769a001074dd.tar.bz2 | |
Validate legacy_version
The spec says that a client MUST set legacy_version to TLSv1.2, and
requires servers to verify that it isn't SSLv3.
Fixes #6600
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6747)
Diffstat (limited to 'crypto/err')
| -rw-r--r-- | crypto/err/openssl.txt | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index 3e2bc69..a0dc3c5 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -2581,6 +2581,7 @@ SSL_R_BAD_HELLO_REQUEST:105:bad hello request SSL_R_BAD_HRR_VERSION:263:bad hrr version SSL_R_BAD_KEY_SHARE:108:bad key share SSL_R_BAD_KEY_UPDATE:122:bad key update +SSL_R_BAD_LEGACY_VERSION:292:bad legacy version SSL_R_BAD_LENGTH:271:bad length SSL_R_BAD_PACKET:240:bad packet SSL_R_BAD_PACKET_LENGTH:115:bad packet length |