CVSROOT: /cvs
Module name: src
Changes by: t...@cvs.openbsd.org 2020/06/24 01:28:38
Modified files:
lib/libssl : tls13_server.c
Log message:
Enforce restrictions for ClientHello extensions
RFC 8446 section 9.2 imposes some requirements on the extensions sent
in the ClientHello: key_share and supported_groups must either both be
present or both be absent. If no pre_shared_key was sent, the CH must
contain both signature_algorithms and supported_groups. If either of
these conditions is violated, servers must abort the handshake with a
missing_extensions alert. Add a function that enforces this. If we are
going to enforce that clients send an SNI, we can also do this in this
function.
Fixes failing test case in tlsfuzzer's test-tls13-keyshare-omitted.py
ok beck inoguchi jsing
