Integrated: JDK-8262509: JSSE Server should check the legacy version in TLSv1.3 ClientHello
John Jiang
jjiang at openjdk.java.net
Mon Mar 1 22:29:44 UTC 2021
On Mon, 1 Mar 2021 03:07:12 GMT, John Jiang <jjiang at openjdk.org> wrote:
> Per RFC 8446, section 4.1.2, the legacy_version field in ClientHello message MUST be set to 0x0303 (TLSv1.2).
> T13ClientHelloConsumer should do this check like that T13ServerHelloConsumer does.
This pull request has now been integrated.
Changeset: 353416ff
Author: John Jiang <jjiang at openjdk.org>
URL: https://git.openjdk.java.net/jdk/commit/353416ff
Stats: 5 lines in 1 file changed: 5 ins; 0 del; 0 mod
8262509: JSSE Server should check the legacy version in TLSv1.3 ClientHello
Reviewed-by: xuelei, wetmore
-------------
PR: https://git.openjdk.java.net/jdk/pull/2772
More information about the security-dev
mailing list