mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-27 06:21:43 +08:00
Code Issues Packages Projects Releases Wiki Activity
24ae00388f
openssl/ssl
History
Matt Caswell de4dc59802 Don't negotiate TLSv1.3 if our EC cert isn't TLSv1.3 capable 
TLSv1.3 is more restrictive about the curve used. There must be a matching
sig alg defined for that curve. Therefore if we are using some other curve
in our certificate then we should not negotiate TLSv1.3.

Fixes #7435

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7442)
2018-11-12 11:08:51 +00:00
..
record Properly handle duplicated messages from the next epoch 2018-10-26 14:21:19 +01:00
statem Don't negotiate TLSv1.3 if our EC cert isn't TLSv1.3 capable 2018-11-12 11:08:51 +00:00
bio_ssl.c
build.info
d1_lib.c Buffer a ClientHello with a cookie received via DTLSv1_listen 2018-10-19 14:25:22 +01:00
d1_msg.c
d1_srtp.c
methods.c
packet_locl.h Update copyright year 2018-09-11 13:45:17 +01:00
packet.c Update copyright year 2018-04-17 15:18:40 +02:00
pqueue.c Use void in all function definitions that do not take any arguments 2018-05-11 14:37:48 +02:00
s3_cbc.c Fix tls_cbc_digest_record is slow using SHA-384 and short messages 2018-10-19 08:26:58 +10:00
s3_enc.c ssl/s3_enc.c: fix logical errors in ssl3_final_finish_mac. 2018-10-12 21:01:53 +02:00
s3_lib.c Fix a mem leak on error in the PSK code 2018-08-30 09:50:29 +08:00
s3_msg.c
ssl_asn1.c Don't use OPENSSL_strdup() for copying alpn_selected 2018-06-21 11:07:45 +01:00
ssl_cert_table.h Update copyright year 2018-03-20 13:08:46 +00:00
ssl_cert.c Unbreak SECLEVEL 3 regression causing it to not accept any ciphers. 2018-11-10 21:29:36 +01:00
ssl_ciph.c ssl/ssl_ciph.c: make set_ciphersuites static 2018-09-18 09:32:08 +02:00
ssl_conf.c Add the ability to configure anti-replay via SSL_CONF 2018-07-02 15:06:12 +01:00
ssl_err.c Fix some TLSv1.3 alert issues 2018-07-31 09:31:50 +01:00
ssl_init.c Add automatic initializations support for EVP_MAC objects 2018-10-29 13:35:19 +01:00
ssl_lib.c Fix return formatting. 2018-11-06 07:06:56 +10:00
ssl_locl.h Don't negotiate TLSv1.3 if our EC cert isn't TLSv1.3 capable 2018-11-12 11:08:51 +00:00
ssl_mcnf.c Move the loading of the ssl_conf module to libcrypto 2018-04-05 15:30:12 +01:00
ssl_rsa.c Update copyright year 2018-03-20 13:08:46 +00:00
ssl_sess.c ssl/*: switch to switch to Thread-Sanitizer-friendly primitives. 2018-08-07 09:08:23 +02:00
ssl_stat.c
ssl_txt.c Address coverity-reported NULL dereference in SSL_SESSION_print() 2018-07-01 18:20:11 -05:00
ssl_utst.c
t1_enc.c Ensure that we write out alerts correctly after early_data 2018-08-08 10:16:58 +01:00
t1_lib.c Don't negotiate TLSv1.3 if our EC cert isn't TLSv1.3 capable 2018-11-12 11:08:51 +00:00
t1_trce.c Fix ssl/t1_trce.c to parse certificate chains 2018-09-01 08:58:42 +08:00
tls13_enc.c Reduce stack usage in tls13_hkdf_expand 2018-09-24 15:58:24 +02:00
tls_srp.c Use the private RNG for data that is not public 2018-04-02 22:22:43 +02:00