projects / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from: ce325c6)
Only allow ephemeral RSA keys in export ciphersuites.
authorDr. Stephen Henson <steve@openssl.org>
Thu, 23 Oct 2014 16:09:57 +0000 (17:09 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Tue, 6 Jan 2015 02:06:39 +0000 (02:06 +0000)
OpenSSL clients would tolerate temporary RSA keys in non-export
ciphersuites. It also had an option SSL_OP_EPHEMERAL_RSA which
enabled this server side. Remove both options as they are a
protocol violation.

Thanks to Karthikeyan Bhargavan for reporting this issue.
(CVE-2015-0204)
Reviewed-by: Matt Caswell <matt@openssl.org>

No differences found
Unnamed repository; edit this file 'description' to name the repository.