summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_versions.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/ssl_versions.c')
-rw-r--r--src/lib/libssl/ssl_versions.c12
1 files changed, 9 insertions, 3 deletions
diff --git a/src/lib/libssl/ssl_versions.c b/src/lib/libssl/ssl_versions.c
index 4069670dc9..06e26b8059 100644
--- a/src/lib/libssl/ssl_versions.c
+++ b/src/lib/libssl/ssl_versions.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_versions.c,v 1.22 2022/02/05 14:54:10 jsing Exp $ */ 1/* $OpenBSD: ssl_versions.c,v 1.23 2022/06/30 11:17:50 tb Exp $ */
2/* 2/*
3 * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org>
4 * 4 *
@@ -329,6 +329,9 @@ ssl_max_shared_version(SSL *s, uint16_t peer_ver, uint16_t *max_ver)
329 return 0; 329 return 0;
330 } 330 }
331 331
332 if (!ssl_security_version(s, shared_version))
333 return 0;
334
332 *max_ver = shared_version; 335 *max_ver = shared_version;
333 336
334 return 1; 337 return 1;
@@ -352,8 +355,11 @@ ssl_check_version_from_server(SSL *s, uint16_t server_version)
352 &max_tls_version)) 355 &max_tls_version))
353 return 0; 356 return 0;
354 357
355 return (server_tls_version >= min_tls_version && 358 if (server_tls_version < min_tls_version ||
356 server_tls_version <= max_tls_version); 359 server_tls_version > max_tls_version)
360 return 0;
361
362 return ssl_security_version(s, server_tls_version);
357} 363}
358 364
359int 365int
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-15 07:20:56 +0000