From de8c91bbae8e96fa5c5641fa2e0384eea7e75c7f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 14:43:09 +0100 Subject: [PATCH] Improve Changelog for TLS alert codes Signed-off-by: Dave Rodgman --- ChangeLog.d/fix_tls_alert_codes.txt | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/ChangeLog.d/fix_tls_alert_codes.txt b/ChangeLog.d/fix_tls_alert_codes.txt index abe3a5e6d..10235d7bc 100644 --- a/ChangeLog.d/fix_tls_alert_codes.txt +++ b/ChangeLog.d/fix_tls_alert_codes.txt @@ -1,6 +1,5 @@ Bugfix - * Fix the alert raised when a client requests an invalid - * fragment length, as per RFC6066 section 4. We now alert with - * MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER. Similarly, raise - * MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR for an invalid finished - * message, as per RFC5247 section 7.2.2. + * Fix which alert is sent in some cases to conform to the + applicable RFC: on an invalid Finished message value, an + invalid max_fragment_length extension, or an + unsupported extension used by the server.