New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Old 1.1.1 pre-release versions fail talking to RFC TLSv1.3 #7315

Closed
mattcaswell opened this Issue Sep 25, 2018 · 3 comments

Comments

Projects
None yet
2 participants
@mattcaswell
Member

mattcaswell commented Sep 25, 2018

OpenSSL 1.1.1-pre6 and below fail during a handshake with an RFC TLSv1.3 implementation. These versions get confused and think they have seen the draft version that is acceptable to them (draft-26 in the case of 1.1.1-pre6).

This issue was fixed in 1.1.1-pre7.

All users of pre-release versions of 1.1.1 are advised to upgrade to the final released version.

@mattcaswell

This comment has been minimized.

Member

mattcaswell commented Sep 25, 2018

I'm closing this immediately, since it is already fixed - but it is useful to have the issue present for people to refer to.

@Lekensteyn

This comment has been minimized.

Contributor

Lekensteyn commented Sep 25, 2018

I guess that the negotiation issue was fixed in commit 73cc84a, ssl/statem/statem_lib.c?

@mattcaswell

This comment has been minimized.

Member

mattcaswell commented Sep 25, 2018

Correct. See comment "Don't actually accept real TLSv1.3".

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment