projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f78c519) | patch
Ensure that the key share group is allowed for our protocol version
authorMatt Caswell <matt@openssl.org>
Fri, 30 Sep 2022 13:21:50 +0000 (14:21 +0100)
committerMatt Caswell <matt@openssl.org>
Wed, 12 Oct 2022 14:55:58 +0000 (15:55 +0100)
commit247b8e52527ed4facd9ff07cdef0df819193c0c3
tree7dc5711c86a6b4b1cbeb25cd218010b0ac0625abtree | snapshot
parentf78c51995e35889d39cb0bdadcbfa3e144bd8a29commit | diff
Ensure that the key share group is allowed for our protocol version

We should never send or accept a key share group that is not in the
supported groups list or a group that isn't suitable for use in TLSv1.3

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/19317)
ssl/statem/extensions_clnt.c diff | blob | history
ssl/statem/extensions_srvr.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.