libtls: Add downgrade protection for TLS 1.3 and TLS 1.2
authorPascal Knecht <pascal.knecht@hsr.ch>
Sun, 17 Jan 2021 15:33:02 +0000 (16:33 +0100)
committerTobias Brunner <tobias@strongswan.org>
Fri, 12 Feb 2021 13:35:23 +0000 (14:35 +0100)
commitdc9f6c68dfbfe5b8d6413b76c5bb6b1353edabf6
treec87327806abee4d1afded09bc5a5cf48dad36196
parenta4a128bd2fa66067170a06b3c83e64c024493641
libtls: Add downgrade protection for TLS 1.3 and TLS 1.2

Section 4.1.3 in RFC 8446 defines a new downgrade protection mechanism
that also affects TLS 1.2.
src/libtls/tls.c
src/libtls/tls.h
src/libtls/tls_peer.c
src/libtls/tls_server.c