Skip to content

TLS 1.3 plaintext alert: ignore before seeing encrypted#10537

Merged
douzzer merged 1 commit into
wolfSSL:masterfrom
SparkiDev:tls13_pt_alert_before_enc
Jun 5, 2026
Merged

TLS 1.3 plaintext alert: ignore before seeing encrypted#10537
douzzer merged 1 commit into
wolfSSL:masterfrom
SparkiDev:tls13_pt_alert_before_enc

Conversation

@SparkiDev
Copy link
Copy Markdown
Contributor

@SparkiDev SparkiDev commented May 27, 2026

Description

Change to ignore plaintext alerts when
WOLFSSL_TLS13_IGNORE_PT_ALERT_ON_ENC is defined only until first encrypted message from peer is seen.

Negative testing added.

Fixes zd#20857

Testing

./autogen.sh
./configure --disable-shared CFLAGS=-DWOLFSSL_TLS13_IGNORE_PT_ALERT_ON_ENC
make
./tests/unit.test -test_tls13_plaintext_alert

@SparkiDev SparkiDev self-assigned this May 27, 2026
@SparkiDev SparkiDev assigned wolfSSL-Bot and unassigned SparkiDev Jun 5, 2026
wolfSSL-Fenrir-bot
wolfSSL-Fenrir-bot reviewed Jun 5, 2026
View reviewed changes
Copy link
Copy Markdown

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #10537

Scan targets checked: wolfssl-bugs, wolfssl-src

Findings: 1
1 finding(s) posted as inline comments (see file-level comments below)

This review was generated automatically by Fenrir. Findings are non-blocking.

Comment thread src/internal.c Outdated
@SparkiDev SparkiDev assigned SparkiDev and unassigned wolfSSL-Bot Jun 5, 2026
@SparkiDev SparkiDev removed the request for review from wolfSSL-Bot June 5, 2026 02:13
@SparkiDev
TLS 1.3 plaintext alert: ignore before seeing encrypted
b0757c1 
Change to ignore plaintext alerts when
WOLFSSL_TLS13_IGNORE_PT_ALERT_ON_ENC is defined only until first
encrypted message from peer is seen.

Negative testing added.
@SparkiDev SparkiDev force-pushed the tls13_pt_alert_before_enc branch from adcba2b to b0757c1 Compare June 5, 2026 02:35
@SparkiDev
Copy link
Copy Markdown
Contributor Author

SparkiDev commented Jun 5, 2026

Jenkins: retest this please

@github-actions
Copy link
Copy Markdown

github-actions Bot commented Jun 5, 2026

MemBrowse Memory Report

No memory changes detected for:

@SparkiDev SparkiDev requested a review from wolfSSL-Bot June 5, 2026 05:55
@SparkiDev SparkiDev assigned wolfSSL-Bot and unassigned SparkiDev Jun 5, 2026
@douzzer douzzer merged commit 2d186b3 into wolfSSL:master Jun 5, 2026
478 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left review comments

@douzzer douzzer douzzer approved these changes

@wolfSSL-Bot wolfSSL-Bot Awaiting requested review from wolfSSL-Bot

Assignees

@wolfSSL-Bot wolfSSL-Bot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@SparkiDev @douzzer @wolfSSL-Fenrir-bot @wolfSSL-Bot