projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Document rollback issues.
[openssl.git]
/
ssl
/
s23_srvr.c
diff --git
a/ssl/s23_srvr.c
b/ssl/s23_srvr.c
index cbf2f5d836f189be840273af9d7e2aaaa6ef8d6a..a81544a1b62a99a15f54cfa2960ca97d3bb6580a 100644
(file)
--- a/
ssl/s23_srvr.c
+++ b/
ssl/s23_srvr.c
@@
-499,6
+499,8
@@
int ssl23_get_client_hello(SSL *s)
(s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3))
s->s2->ssl2_rollback=0;
else
(s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3))
s->s2->ssl2_rollback=0;
else
+ /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
+ * (SSL 3.0 draft/RFC 2246, App. E.2) */
s->s2->ssl2_rollback=1;
/* setup the n bytes we have read so we get them from
s->s2->ssl2_rollback=1;
/* setup the n bytes we have read so we get them from