Revise ChangeLog entry for empty data records fixes

2024-10-18 10:11:04 +00:00 · 2018-07-24 12:54:15 +01:00 · 2018-07-24 12:54:15 +01:00 · 05330541ea
parent 116ac43d00
commit 05330541ea
1 changed files with 6 additions and 5 deletions
--- a/11
+++ b/11
@ -37,11 +37,12 @@ Bugfix
   * Fix compiler warning of 'use before initialisation' in
     mbedtls_pk_parse_key(). Found by Martin Boye Petersen and fixed by Dawid
     Drozd. #1098
-   * Fix decryption of zero length messages (all padding) in some circumstances:
-     DTLS 1.0 and 1.2, and CBC ciphersuites using encrypt-then-MAC. Most often
-     seen when communicating with OpenSSL using TLS 1.0. Reported by @kFYatek
-     (#1632) and by Conor Murphy on the forum. Fix contributed by Espressif
-     Systems.
+   * Fix decryption for zero length messages (which contain all padding) when a
+     CBC based ciphersuite is used together with Encrypt-then-MAC. Previously,
+     such a message was wrongly reported as an invalid record and therefore lead
+     to the connection being terminated. Seen most often with OpenSSL using
+     TLS 1.0. Reported by @kFYatek and by Conor Murphy on the forum. Fix
+     contributed by Espressif Systems. Fixes #1632
   * Fail when receiving a TLS alert message with an invalid length, or invalid
     zero-length messages when using TLS 1.2. Contributed by Espressif Systems.
   * Fix ssl_client2 example to send application data with 0-length content