mirror of
https://github.com/openssl/openssl.git
synced 2025-01-30 14:01:55 +08:00
7717459892
The 'MinProtocol' and 'MaxProtocol' configuration commands now silently ignore TLS protocol version bounds when configurign DTLS-based contexts, and conversely, silently ignore DTLS protocol version bounds when configuring TLS-based contexts. The commands can be repeated to set bounds of both types. The same applies with the corresponding "min_protocol" and "max_protocol" command-line switches, in case some application uses both TLS and DTLS. SSL_CTX instances that are created for a fixed protocol version (e.g. TLSv1_server_method()) also silently ignore version bounds. Previously attempts to apply bounds to these protocol versions would result in an error. Now only the "version-flexible" SSL_CTX instances are subject to limits in configuration files in command-line options. Expected to resolve #12394 Reviewed-by: Paul Dale <paul.dale@oracle.com> GH: #12472 |
||
|---|---|---|
| .. | ||
| record | ||
| statem | ||
| bio_ssl.c | ||
| build.info | ||
| d1_lib.c | ||
| d1_msg.c | ||
| d1_srtp.c | ||
| methods.c | ||
| pqueue.c | ||
| s3_cbc.c | ||
| s3_enc.c | ||
| s3_lib.c | ||
| s3_msg.c | ||
| ssl_asn1.c | ||
| ssl_cert_table.h | ||
| ssl_cert.c | ||
| ssl_ciph.c | ||
| ssl_conf.c | ||
| ssl_err.c | ||
| ssl_init.c | ||
| ssl_lib.c | ||
| ssl_local.h | ||
| ssl_mcnf.c | ||
| ssl_rsa.c | ||
| ssl_sess.c | ||
| ssl_stat.c | ||
| ssl_txt.c | ||
| ssl_utst.c | ||
| t1_enc.c | ||
| t1_lib.c | ||
| t1_trce.c | ||
| tls13_enc.c | ||
| tls_srp.c | ||