From 42d1ecbb4220b6260fa2da63402ec3f5cbad849a Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Fri, 3 Apr 2026 12:58:19 +0000
Subject: Ensure that we cannot negotiate TLSv1.1 or lower.

TLS versions prior to TLSv1.2 were disabled a while ago, however this
was done in the version handling code. Remove TLSv1.1 and earlier from
ssl_get_method() and add an explicit min version check in the legacy
client and server, to provide a stronger guarantee.

ok kenjiro@ tb@
---
 src/lib/libssl/ssl_srvr.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

(limited to 'src/lib/libssl/ssl_srvr.c')

diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index ef93e283de..af4b20f6ce 100644
--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_srvr.c,v 1.167 2025/12/04 21:03:42 beck Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.168 2026/04/03 12:58:19 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -238,6 +238,13 @@ ssl3_accept(SSL *s)
 				goto end;
 			}
 
+			/* Ensure that we cannot negotiate TLSv1.1 or lower. */
+			if (s->s3->hs.our_min_tls_version < TLS1_2_VERSION) {
+				SSLerror(s, ERR_R_INTERNAL_ERROR);
+				ret = -1;
+				goto end;
+			}
+
 			if (!ssl_security_version(s,
 			    s->s3->hs.our_min_tls_version)) {
 				SSLerror(s, SSL_R_VERSION_TOO_LOW);
-- 
cgit v1.2.3-55-g6feb