libtls: fix legacy protocol parsing - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tb <>	2024-08-02 15:00:01 +0000
committer	tb <>	2024-08-02 15:00:01 +0000
commit	69b88701f563e2efc9523720168674a54f6bc069 (patch)
tree	61d7fc5b40064d7fad6956a89b7a64bd8e33c1a9 /src/lib/libc/string/wcscpy.3
parent	569dd285cc3b327709860038464e095a0f007936 (diff)
download	openbsd-69b88701f563e2efc9523720168674a54f6bc069.tar.gz openbsd-69b88701f563e2efc9523720168674a54f6bc069.tar.bz2 openbsd-69b88701f563e2efc9523720168674a54f6bc069.zip

libtls: fix legacy protocol parsing

Redefining TLS_PROTOCOL_TLSv1_0 and TLS_PROTOCOL_TLSv1_1 to be the same as TLS_PROTOCOL_TLSv1_2 had undesired side effects, as witnessed in the accompanying regress tests. The protocol string all:tlsv1.0 would disable TLSv1.2 (so only enable TLSv1.3) and tlsv1.2:!tlsv1.1 would disable all protocols. It makes more sense to ignore any setting of TLSv1.0 and TLSv1.1, so if you request 'tlsv1.1' you get no protocol, but 'all:!tlsv1.1' will enable the two supported protocols TLSv1.3 and TLSv1.2. Restore the defines to their original values and adjust the parsing code to set/unset them. Issue reported by Kenjiro Nakayama Fixes https://github.com/libressl/openbsd/issues/151 with/ok jsing

Diffstat (limited to 'src/lib/libc/string/wcscpy.3')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: