ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-05-19 06:58:24 +08:00
Code Issues Releases Wiki Activity

ChangeLog: Updated the entry for tls-hs-defragmentation

Browse Source 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
This commit is contained in:
Minos Galanakis 2025-02-19 11:37:39 +00:00
parent d708a63857
commit eddbb5a829
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
ChangeLog.d/tls-hs-defrag-in.txt
View File

@ -3,3 +3,10 @@ Bugfix
by the spec. Lack of support was causing handshake failures with some by the spec. Lack of support was causing handshake failures with some
servers, especially with TLS 1.3 in practice (though both protocol servers, especially with TLS 1.3 in practice (though both protocol
version could be affected in principle, and both are fixed now). version could be affected in principle, and both are fixed now).
The initial fragment for each handshake message must be at least 4 bytes.
Server-side, defragmentation of the ClientHello message is only
supported if the server accepts TLS 1.3 (regardless of whether the
ClientHello is 1.3 or 1.2). That is, servers configured (either
at compile time or at runtime) to only accept TLS 1.2 will
still fail the handshake if the ClientHello message is fragmented.