git.openssl.org Git - openssl.git/commit

author	Dr. Stephen Henson <steve@openssl.org>
	Thu, 19 Dec 2013 14:37:39 +0000 (14:37 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Thu, 19 Dec 2013 21:04:28 +0000 (21:04 +0000)
commit	ca989269a2876bae79393bd54c3e72d49975fc75
tree	d6a6562d396662071fdd6d335abcb6761610c5dd	tree \| snapshot
parent	2ec4181ba92fc6b828687d2dc47c13dcd35a5d93	commit \| diff

Use version in SSL_METHOD not SSL structure.

When deciding whether to use TLS 1.2 PRF and record hash algorithms
use the version number in the corresponding SSL_METHOD structure
instead of the SSL structure. The SSL structure version is sometimes
inaccurate. Note: OpenSSL 1.0.2 and later effectively do this already.
(CVE-2013-6449)

ssl/s3_lib.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom