projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
return error if Suite B mode is selected and TLS 1.2 can't be used. Correct error...
[openssl.git]
/
ssl
/
ssl_ciph.c
diff --git
a/ssl/ssl_ciph.c
b/ssl/ssl_ciph.c
index 7f3e16080b0a4b740d9235a9c31e795c611cff60..4d87d2dbc4bf7f4b0b8a8f13c39e9cf41fe79e9b 100644
(file)
--- a/
ssl/ssl_ciph.c
+++ b/
ssl/ssl_ciph.c
@@
-1379,6
+1379,13
@@
static int check_suiteb_cipher_list(const SSL_METHOD *meth, CERT *c,
return 1;
/* Check version */
+ if (meth->version != TLS1_2_VERSION)
+ {
+ SSLerr(SSL_F_CHECK_SUITEB_CIPHER_LIST,
+ SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE);
+ return 0;
+ }
+
switch(suiteb_flags)
{
case SSL_CERT_FLAG_SUITEB_128_LOS: