From cc29bfd92aaa586ff681757f0f9c9b23e478e575 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 12 Aug 2022 23:12:35 +0200
Subject: [PATCH] Bug fixes from the split of
 ssl_handle_hs_message_post_handshake

The split of ssl_handle_hs_message_post_handshake() into
ssl_tls12_handle_hs_message_post_handshake() and
ssl_tls13_handle_hs_message_post_handshake() fixed some user-visible bugs.
Add a changelog entry for those bugs.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
---
 ChangeLog.d/tls13-only-renegotiation.txt | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 ChangeLog.d/tls13-only-renegotiation.txt

diff --git a/ChangeLog.d/tls13-only-renegotiation.txt b/ChangeLog.d/tls13-only-renegotiation.txt
new file mode 100644
index 000000000..f463de1af
--- /dev/null
+++ b/ChangeLog.d/tls13-only-renegotiation.txt
@@ -0,0 +1,5 @@
+Bugfix
+   * Fix the handling of renegotiation attempts in TLS 1.3. They are now
+     systematically rejected.
+   * Fix an unused-variable warning in TLS 1.3-only builds if
+     MBEDTLS_SSL_RENEGOTIATION was enabled. Fixes #6200.