projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5e3d21f) | patch
Don't alow TLS v1.0 ciphersuites for SSLv3
authorDr. Stephen Henson <steve@openssl.org>
Fri, 13 Nov 2015 14:37:24 +0000 (14:37 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Sat, 14 Nov 2015 00:06:32 +0000 (00:06 +0000)
commit2b573382f8e54aa03a1d8ffd48fa9d0a04609184
treee509f3bb087dbdbf11ab5ef2e5d134e82e68387atree | snapshot
parent5e3d21fef150f020e2d33439401da8f7e311aa24commit | diff
Don't alow TLS v1.0 ciphersuites for SSLv3

This disables some ciphersuites which aren't supported in SSL v3:
specifically PSK ciphersuites which use SHA256 or SHA384 for the MAC.

Thanks to the Open Crypto Audit Project for identifying this issue.

Reviewed-by: Matt Caswell <matt@openssl.org>
ssl/s3_lib.c diff | blob | history
ssl/ssl_ciph.c diff | blob | history
ssl/ssl_locl.h diff | blob | history
ssl/statem/statem_clnt.c diff | blob | history
ssl/t1_lib.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.