diff options
| author | tb <> | 2022-06-29 08:37:18 +0000 |
|---|---|---|
| committer | tb <> | 2022-06-29 08:37:18 +0000 |
| commit | 804710bfbb52ebb3883f885be210fc3093198cc8 (patch) | |
| tree | 068cacafa858d844ddad6abdc70875d507fc0eb1 | |
| parent | 1bdcc9c8882875e056d0b3a34dffa33a8ea9b9d7 (diff) | |
| download | openbsd-804710bfbb52ebb3883f885be210fc3093198cc8.tar.gz openbsd-804710bfbb52ebb3883f885be210fc3093198cc8.tar.bz2 openbsd-804710bfbb52ebb3883f885be210fc3093198cc8.zip | |
Also check the security level when choosing a shared cipher
ok beck jsing
| -rw-r--r-- | src/lib/libssl/s3_lib.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c index b4ad11dc6e..66d0eba9a0 100644 --- a/src/lib/libssl/s3_lib.c +++ b/src/lib/libssl/s3_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_lib.c,v 1.229 2022/06/29 08:30:04 tb Exp $ */ | 1 | /* $OpenBSD: s3_lib.c,v 1.230 2022/06/29 08:37:18 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -2527,6 +2527,10 @@ ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, | |||
| 2527 | !(c->algorithm_ssl & SSL_TLSV1_3)) | 2527 | !(c->algorithm_ssl & SSL_TLSV1_3)) |
| 2528 | continue; | 2528 | continue; |
| 2529 | 2529 | ||
| 2530 | if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED, c->strength_bits, | ||
| 2531 | 0, c)) | ||
| 2532 | continue; | ||
| 2533 | |||
| 2530 | ssl_set_cert_masks(cert, c); | 2534 | ssl_set_cert_masks(cert, c); |
| 2531 | mask_k = cert->mask_k; | 2535 | mask_k = cert->mask_k; |
| 2532 | mask_a = cert->mask_a; | 2536 | mask_a = cert->mask_a; |