[gnutls-devel] GnuTLS | GnuTLS sends protocol_version alert when client message contains unrecognized version (#1230)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Tue May 11 19:05:24 CEST 2021
Hubert Kario (@mention me if you need reply) commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1230#note_572903471
Actually RFC 8446 is quite clear on this, see https://datatracker.ietf.org/doc/html/rfc8446#page-79:
legacy_record_version: MUST be set to 0x0303 for all records
generated by a TLS 1.3 implementation other than an initial
ClientHello (i.e., one not generated after a HelloRetryRequest),
where it MAY also be 0x0301 for compatibility purposes. This
field is deprecated and MUST be ignored for all purposes.
Previous versions of TLS would use other values in this field
under some circumstances.
The key sentence being "MUST be ignored for all purposes".
As such, the message should be parsed by GnuTLS as well-formed Alert, but since the client MUST send ClientHello as the first message, the GnuTLS server should abort with `unexpected_message`.
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1230#note_572903471
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnutls-devel