Correct downgrade sentinels when a version pinned method is in use. - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2020-05-31 16:36:35 +0000
committer	jsing <>	2020-05-31 16:36:35 +0000
commit	059c16b3ca987ee98bd63a9cf4d0c58bfc02334e (patch)
tree	1ce257d0fa239a96e7594d053190347cb2b42c4a /src/lib/libssl/ssl_ciphers.c
parent	5037a9d3f0ac53ff43e2fe5bbb75fbaf97c9a510 (diff)
download	openbsd-059c16b3ca987ee98bd63a9cf4d0c58bfc02334e.tar.gz openbsd-059c16b3ca987ee98bd63a9cf4d0c58bfc02334e.tar.bz2 openbsd-059c16b3ca987ee98bd63a9cf4d0c58bfc02334e.zip

Correct downgrade sentinels when a version pinned method is in use.

Previously only the enabled protocol versions were considered, however we also have to consider the method in use which may be version pinned. Found the hard way by danj@ with haproxy and force-tlsv12. ok beck@ inoguchi@ tb@

Diffstat (limited to 'src/lib/libssl/ssl_ciphers.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: