projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
Turn on TLSv1.3 downgrade protection by default
[openssl.git]
/
ssl
/
statem
/
statem_lib.c
diff --git
a/ssl/statem/statem_lib.c
b/ssl/statem/statem_lib.c
index d04f8773debc188e0d8c1235148d75a4638f4dcd..38121b7fd2552d02f084b394694556fcb97ccbd7 100644
(file)
--- a/
ssl/statem/statem_lib.c
+++ b/
ssl/statem/statem_lib.c
@@
-1914,7
+1914,6
@@
int ssl_choose_client_version(SSL *s, int version, RAW_EXTENSION *extensions)
if (s->version != vent->version)
continue;
-#ifndef OPENSSL_NO_TLS13DOWNGRADE
/* Check for downgrades */
if (s->version == TLS1_2_VERSION && highver > s->version) {
if (memcmp(tls12downgrade,
@@
-1941,7
+1940,6
@@
int ssl_choose_client_version(SSL *s, int version, RAW_EXTENSION *extensions)
return 0;
}
}
-#endif
s->method = method;
return 1;