projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: face65d) | patch
Prevent use of RSA+MD5 in TLS 1.2 by default.
authorDr. Stephen Henson <steve@openssl.org>
Tue, 15 Oct 2013 12:37:01 +0000 (13:37 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Sun, 20 Oct 2013 21:07:33 +0000 (22:07 +0100)
commit3495842bb06fffd4c1032f224e5708295707a18e
tree3972edde183b7631a2ae72b492b1ee131556bee3tree | snapshot
parentface65dab82debf993f61631db3c1cfffcda8234commit | diff
Prevent use of RSA+MD5 in TLS 1.2 by default.

Removing RSA+MD5 from the default signature algorithm list
prevents its use by default.

If a broken implementation attempts to use RSA+MD5 anyway the sanity
checking of signature algorithms will cause a fatal alert.
(cherry picked from commit 77a0f740d00ecf8f6b01c0685a2f858c3f65a3dd)
ssl/t1_lib.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.