Files
wolfssl/tests/api
Juliusz Sosinowicz 130f683d8c Validate minDowngrade in wolfSSL_SetSession before reusing version
When resuming a session wolfSSL_SetSession unconditionally
overwrote ssl->version with the version stored in the cached
session, even if that version was below the WOLFSSL's configured
minDowngrade. The overwritten version then fed straight into
SendClientHello, so a client configured to require TLS 1.2 or
higher could still emit a ClientHello advertising e.g. TLS 1.0
when resuming an old cached session. The ServerHello path catches
the actual downgrade, but the ClientHello version is already a
protocol-conformance issue and can confuse middleboxes.

Reject the session if its stored minor version is below
ssl->options.minDowngrade. The check is DTLS-aware: DTLS minor
versions decrease as the protocol version increases, so the
direction of the comparison is flipped for DTLS.

F-2105
2026-05-14 14:07:53 +02:00
..
2026-02-18 09:52:21 -07:00
2026-05-12 20:59:29 +00:00
2026-05-12 20:59:29 +00:00
2026-02-18 09:52:21 -07:00
2026-04-15 17:05:32 +10:00
2026-02-18 09:52:21 -07:00
2026-05-07 07:33:56 -05:00
2026-05-07 07:33:56 -05:00
2026-04-15 17:05:32 +10:00
2026-04-15 17:05:32 +10:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-05-08 18:50:44 +02:00
2026-04-23 11:26:33 +02:00
2026-03-05 08:51:52 -06:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-26 14:51:49 -06:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-05-12 20:59:29 +00:00
2026-05-12 20:59:29 +00:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-05-07 02:33:58 +00:00
2026-05-07 02:33:58 +00:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-05-11 15:06:32 -05:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-04-09 13:09:17 -04:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-05-07 07:32:51 -05:00
2026-05-07 07:31:25 -05:00
2026-05-12 20:59:29 +00:00
2026-05-12 20:59:29 +00:00
2026-05-12 20:57:31 +00:00
2026-05-12 20:57:31 +00:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-05-12 20:59:29 +00:00
2026-05-12 20:59:29 +00:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-05-12 20:59:29 +00:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-05-07 02:33:58 +00:00
2026-05-07 02:33:58 +00:00
2026-05-11 12:09:50 -05:00
2026-02-18 09:52:21 -07:00
2026-04-14 07:47:29 -05:00