projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f3b9257) | patch
Fix some client side transition logic
authorMatt Caswell <matt@openssl.org>
Mon, 14 Sep 2015 14:06:37 +0000 (15:06 +0100)
committerMatt Caswell <matt@openssl.org>
Fri, 30 Oct 2015 08:39:46 +0000 (08:39 +0000)
commita455d0f6fff7bdac2b991715e7bf5b000e2274af
tree4f12326379a9ae6dfcb4f6bdfd867d04b9d4e439tree | snapshot
parentf3b9257f8239e06cc30cea47558d37fc540853eecommit | diff
Fix some client side transition logic

Fixed some issues in the logic for determining whether an SKE should be
expected or not. In particular only allow an SKE for RSA if its export and
the key size is not allowed. Also fix the ephemeral ciphersuite checks and
add in a missing call to ssl3_check_cert_and_algorithm().

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
ssl/statem/statem_clnt.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.