git.openssl.org Git - openssl.git/commit

author	Matt Caswell <matt@openssl.org>
	Fri, 23 Jun 2023 14:45:14 +0000 (15:45 +0100)
committer	Matt Caswell <matt@openssl.org>
	Tue, 27 Jun 2023 09:50:08 +0000 (10:50 +0100)
commit	e609a4565f9ededc5c982175c297bb08058f767c
tree	ad219b32c11e6fd406c47ce6fb1c6ff566c4b18e	tree \| snapshot
parent	810f7dc1c7cc5441097b398f753e33652848a4cc	commit \| diff

Fix supported_groups handing in TLSv1.2

In TLSv1.2 we should not attempt to use a supported_group value that is
intended for use with TLSv1.3 - even if both the server and the client
support it, e.g. the ffdhe groups are supported by OpenSSL for TLSv1.3 but
not for TLSv1.2.

Fixes #21081

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21274)

ssl/t1_lib.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom