Revise ChangeLog entry for empty data records fixes

This commit is contained in:
Simon Butcher 2018-07-24 12:59:21 +01:00
parent d5a3ed36b8
commit a8ee41ce80

View file

@ -24,11 +24,12 @@ Bugfix
* Fix compiler warning of 'use before initialisation' in
mbedtls_pk_parse_key(). Found by Martin Boye Petersen and fixed by Dawid
Drozd. #1098
* Fix decryption of zero length messages (all padding) in some circumstances:
DTLS 1.0 and 1.2, and CBC ciphersuites using encrypt-then-MAC. Most often
seen when communicating with OpenSSL using TLS 1.0. Reported by @kFYatek
(#1632) and by Conor Murphy on the forum. Fix contributed by Espressif
Systems.
* Fix decryption for zero length messages (which contain all padding) when a
CBC based ciphersuite is used together with Encrypt-then-MAC. Previously,
such a message was wrongly reported as an invalid record and therefore lead
to the connection being terminated. Seen most often with OpenSSL using
TLS 1.0. Reported by @kFYatek and by Conor Murphy on the forum. Fix
contributed by Espressif Systems. Fixes #1632
* Fail when receiving a TLS alert message with an invalid length, or invalid
zero-length messages when using TLS 1.2. Contributed by Espressif Systems.
* Fix ssl_client2 example to send application data with 0-length content