Fix downgrading from TLS v1.3 to TLS v1.2

Fix handling of ServerHello in TLS v1.3 to support TLS v1.2 when downgrading. Added support in client and server examples for using downgrade method: wolfSSLv23_client_method_ex() or wolfSSLv23_server_method_ex(). Add tests, using downgrade version, of client or server downgrading from TLS v1.3 to TLS v1.2.
2026-05-05 20:44:38 +02:00 · 2018-02-22 11:05:58 +10:00
parent dc4edd0cd9
commit da4024b46a
8 changed files with 141 additions and 32 deletions
@@ -643,6 +643,10 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
                break;

            case 'v' :
+                if (myoptarg[0] == 'd') {
+                    version = SERVER_DOWNGRADE_VERSION;
+                    break;
+                }
                version = atoi(myoptarg);
                if (version < 0 || version > 4) {
                    Usage();
@@ -893,6 +897,10 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
            method = wolfTLSv1_3_server_method_ex;
            break;
    #endif
+
+        case SERVER_DOWNGRADE_VERSION:
+            method = wolfSSLv23_server_method_ex;
+            break;
 #endif /* NO_TLS */

 #ifdef CYASSL_DTLS