Revise HelloVerifyRequest handling for DTLSv1.2. - wireguard-openbsd - WireGuard implementation for the OpenBSD kernel

diff options

author	jsing <jsing@openbsd.org>	2021-02-20 08:22:55 +0000
committer	jsing <jsing@openbsd.org>	2021-02-20 08:22:55 +0000
commit	4ddbf8556585183aac057df8d65818a2b90ef9bd (patch)
tree	bf1da6bc9064b28d738597d42b0e1be7aae7ac99 /lib/libssl/ssl_lib.c
parent	Group HelloVerifyRequest decoding and add missing check for trailing data. (diff)
download	wireguard-openbsd-4ddbf8556585183aac057df8d65818a2b90ef9bd.tar.xz wireguard-openbsd-4ddbf8556585183aac057df8d65818a2b90ef9bd.zip

Revise HelloVerifyRequest handling for DTLSv1.2.

Per RFC 6347 section 4.2.1, the HelloVerifyRequest should always contain DTLSv1.0 - ensure this is the case on the server side, allow both DTLSv1.0 and DTLSv1.2 on the client. ok tb@

Diffstat (limited to 'lib/libssl/ssl_lib.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: