git.openssl.org Git - openssl.git/commit

author	Dr. Stephen Henson <steve@openssl.org>
	Tue, 15 Oct 2013 13:15:54 +0000 (14:15 +0100)
committer	Dr. Stephen Henson <steve@openssl.org>
	Sun, 20 Oct 2013 11:23:27 +0000 (12:23 +0100)
commit	5e1ff664f95ab4c9176b3e86b5111e5777bad61a
tree	93b97c06403ab4d335092b92a5839ae83b37f9ec	tree \| snapshot
parent	833a896681b3287e5ab9c01f4f0234691f4076a8	commit \| diff

Don't use RSA+MD5 with TLS 1.2

Since the TLS 1.2 supported signature algorithms extension is less
sophisticaed in OpenSSL 1.0.1 this has to be done in two stages.

RSA+MD5 is removed from supported signature algorithms extension:
any compliant implementation should never use RSA+MD5 as a result.

To cover the case of a broken implementation using RSA+MD5 anyway
disable lookup of MD5 algorithm in TLS 1.2.

ssl/t1_lib.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom