projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: dcbc03e) | patch
client: reject handshakes with DH parameters < 768 bits.
authorEmilia Kasper <emilia@openssl.org>
Tue, 19 May 2015 09:53:31 +0000 (11:53 +0200)
committerEmilia Kasper <emilia@openssl.org>
Wed, 20 May 2015 12:54:51 +0000 (14:54 +0200)
commit10a70da729948bb573d27cef4459077c49f3eb46
tree843fed0090af0a08803851d7c2a2c230b666e9a4tree | snapshot
parentdcbc03ede7625f6a1023389196f62aff8916ce4bcommit | diff
client: reject handshakes with DH parameters < 768 bits.

Since the client has no way of communicating her supported parameter
range to the server, connections to servers that choose weak DH will
simply fail.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
CHANGES diff | blob | history
ssl/s3_clnt.c diff | blob | history
ssl/ssl.h diff | blob | history
ssl/ssl_err.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.