wolfSSL / wolfssl

The wolfSSL library is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3 and DTLS 1.3!

https://www.wolfssl.com

GNU General Public License v2.0

2.23k stars 799 forks source link

TLS: wrong TLS version in alert after ClientHello #7628

Closed SparkiDev closed 1 week ago

SparkiDev commented 1 month ago

Description

Ignore protocol version being less than expected when received directly after ClientHello. Protocol version negotiation hasn't taken place and a lower version can be sent to cover minimum supported protocol version.

Fixes zd#18099

Testing

./tests/unit.test -test_tls_alert_no_server_hello

Checklist

[x] added tests
[ ] updated/added doxygen
[ ] updated appropriate READMEs
[ ] Updated manual and documentation