diff options
| author | Péter Dimitrov <[email protected]> | 2018-07-11 17:25:30 +0200 |
|---|---|---|
| committer | Péter Dimitrov <[email protected]> | 2018-07-19 14:30:00 +0200 |
| commit | 8c6116c5432f3198e7f50de04b4f777cb23b80b4 (patch) | |
| tree | 4a329b0cc995d083516a2cc1fcce567a3398530d /lib/ssl/src/ssl_internal.hrl | |
| parent | cba55e0a8c27b4e3f2a5c1bdc227f7421932b343 (diff) | |
| download | otp-8c6116c5432f3198e7f50de04b4f777cb23b80b4.tar.gz otp-8c6116c5432f3198e7f50de04b4f777cb23b80b4.tar.bz2 otp-8c6116c5432f3198e7f50de04b4f777cb23b80b4.zip | |
ssl: Update hello state (TLS 1.3)
Update hello state to handle the "supported_versions" extension
defined by TLS 1.3:
- If "supported_versions" is present in ServerHello, the client
will aboirt the handshake with an "illegal_parameter" alert.
- If "supported_versions" is present in ClientHello, the server
will select a version from "supported_versions" and ignore
ClientHello.legacy_version. If it only supports versions
greater than "supported_versions", the server aborts the
handshake with a "protocol_version" alert.
- If "supported_versions" is absent in ClientHello, the server
negotiates the minimum of ClientHello.legacy_version and
TLS 1.2. If it only supports version greater than
ClientHello.legacy_version, the server aborts the handshake
with a "protocol_version" alert.
Change-Id: I16eef15d77bf21209c6cc103546ddddca518483b
Diffstat (limited to 'lib/ssl/src/ssl_internal.hrl')
0 files changed, 0 insertions, 0 deletions