mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-18 13:44:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

No EtM for GOST ciphers in TLS 1.2

Browse Source 
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17150)
This commit is contained in:
Dmitry Belyavskiy 2021-11-28 10:21:21 +01:00
parent bc42cf51c8
commit d724da6938
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ssl/statem/extensions_clnt.c
View File

@ -1695,7 +1695,11 @@ int tls_parse_stoc_etm(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
/* Ignore if inappropriate ciphersuite */
if (!(s->options & SSL_OP_NO_ENCRYPT_THEN_MAC)
&& s->s3.tmp.new_cipher->algorithm_mac != SSL_AEAD
&& s->s3.tmp.new_cipher->algorithm_enc != SSL_RC4)
&& s->s3.tmp.new_cipher->algorithm_enc != SSL_RC4
&& s->s3.tmp.new_cipher->algorithm_enc != SSL_eGOST2814789CNT
&& s->s3.tmp.new_cipher->algorithm_enc != SSL_eGOST2814789CNT12
&& s->s3.tmp.new_cipher->algorithm_enc != SSL_MAGMA
&& s->s3.tmp.new_cipher->algorithm_enc != SSL_KUZNYECHIK)
s->ext.use_etm = 1;
return 1;