diff options
author | David Benjamin <davidben@google.com> | 2016-07-10 19:20:35 +0300 |
---|---|---|
committer | David Benjamin <davidben@google.com> | 2016-07-12 22:17:43 +0300 |
commit | 1f61f0d7c381184b3c0ed2fcfe79eba37bab5b56 (patch) | |
tree | 579c572d78702fe5485c46c0cc72321336afa5f3 /crypto | |
parent | 0a8deb23350d30db06cb6f90e15c7ee9bd9e2933 (diff) |
Implement TLS 1.3's downgrade signal.
For now, skip the 1.2 -> 1.1 signal since that will affect shipping
code. We may as well enable it too, but wait until things have settled
down. This implements the version in draft-14 since draft-13's isn't
backwards-compatible.
Change-Id: I46be43e6f4c5203eb4ae006d1c6a2fe7d7a949ec
Reviewed-on: https://boringssl-review.googlesource.com/8724
Reviewed-by: David Benjamin <davidben@google.com>
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/err/ssl.errordata | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/crypto/err/ssl.errordata b/crypto/err/ssl.errordata index 23143444..f211a24f 100644 --- a/crypto/err/ssl.errordata +++ b/crypto/err/ssl.errordata @@ -41,6 +41,7 @@ SSL,139,DECRYPTION_FAILED_OR_BAD_RECORD_MAC SSL,140,DH_PUBLIC_VALUE_LENGTH_IS_WRONG SSL,141,DH_P_TOO_LONG SSL,142,DIGEST_CHECK_FAILED +SSL,254,DOWNGRADE_DETECTED SSL,143,DTLS_MESSAGE_TOO_BIG SSL,144,ECC_CERT_NOT_FOR_SIGNING SSL,145,EMS_STATE_INCONSISTENT |