From 90acdc65e582151a58189ac0651036568316155e Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 8 Dec 2023 10:29:42 +0800 Subject: [PATCH] tl13: srv: improve comment Improve comment when received version 1.2 of the protocol while TLS 1.2 is disabled on server side. Signed-off-by: Yanray Wang --- library/ssl_tls13_server.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 3baff36e7d..67bf6daaee 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1913,7 +1913,8 @@ static int ssl_tls13_process_client_hello(mbedtls_ssl_context *ssl) * by MBEDTLS_SSL_PROC_CHK_NEG. */ /* - * Version 1.2 of the protocol has been chosen, set the + * Version 1.2 of the protocol has to be used for the handshake. + * If TLS 1.2 is not supported, abort the handshake. Otherwise, set the * ssl->keep_current_message flag for the ClientHello to be kept and parsed * as a TLS 1.2 ClientHello. We also change ssl->tls_version to * MBEDTLS_SSL_VERSION_TLS1_2 thus from now on mbedtls_ssl_handshake_step()