projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7eea331) | patch
Modify is_tls13_capable() to take account of the servername cb
authorMatt Caswell <matt@openssl.org>
Tue, 3 Nov 2020 14:01:46 +0000 (14:01 +0000)
committerMatt Caswell <matt@openssl.org>
Wed, 9 Dec 2020 14:46:16 +0000 (14:46 +0000)
commitebda646db6dcc4c3813ffa06d9c548bdf9b9a717
tree691f98cc7eab94ad0d63b08798280f3901a3e037tree | snapshot
parent7eea331eabe8b0a7ce03c9602a2bc72e9ddfe676commit | diff
Modify is_tls13_capable() to take account of the servername cb

A servername cb may change the available certificates, so if we have one
set then we cannot rely on the configured certificates to determine if we
are capable of negotiating TLSv1.3 or not.

Fixes #13291

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13304)
ssl/statem/statem_lib.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.