Expand the CHANGES entry for SHA1 and libssl

As well as SSL 3, TLS 1.0, TLS 1.1 and DTLS 1.0 not working at security level 1 we also document that TLS 1.2 connection will fail if the ClientHello does not have a signature algorithms extension. Fixes #14447 Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14465)
2025-01-30 14:01:55 +08:00 · 2021-03-08 16:23:14 +00:00 · 2021-03-08 16:23:14 +00:00 · 0966aee5ed
commit 0966aee5ed
parent f74f416b91
1 changed files with 6 additions and 1 deletions
--- a/CHANGES.md
+++ b/CHANGES.md
@ -568,7 +568,12 @@ OpenSSL 3.0
   reduced. This results in SSL 3, TLS 1.0, TLS 1.1 and DTLS 1.0 no longer
   working at the default security level of 1 and instead requires security
   level 0. The security level can be changed either using the cipher string
-   with `@SECLEVEL`, or calling `SSL_CTX_set_security_level()`.
+   with `@SECLEVEL`, or calling `SSL_CTX_set_security_level()`. This also means
+   that where the signature algorithms extension is missing from a ClientHello
+   then the handshake will fail in TLS 1.2 at security level 1. This is because,
+   although this extension is optional, failing to provide one means that
+   OpenSSL will fallback to a default set of signature algorithms. This default
+   set requires the availability of SHA1.

   *Kurt Roeckx*