mirror of
https://github.com/openssl/openssl.git
synced 2024-12-09 05:51:54 +08:00
7717459892
The 'MinProtocol' and 'MaxProtocol' configuration commands now silently ignore TLS protocol version bounds when configurign DTLS-based contexts, and conversely, silently ignore DTLS protocol version bounds when configuring TLS-based contexts. The commands can be repeated to set bounds of both types. The same applies with the corresponding "min_protocol" and "max_protocol" command-line switches, in case some application uses both TLS and DTLS. SSL_CTX instances that are created for a fixed protocol version (e.g. TLSv1_server_method()) also silently ignore version bounds. Previously attempts to apply bounds to these protocol versions would result in an error. Now only the "version-flexible" SSL_CTX instances are subject to limits in configuration files in command-line options. Expected to resolve #12394 Reviewed-by: Paul Dale <paul.dale@oracle.com> GH: #12472 |
||
---|---|---|
.. | ||
record | ||
statem | ||
bio_ssl.c | ||
build.info | ||
d1_lib.c | ||
d1_msg.c | ||
d1_srtp.c | ||
methods.c | ||
pqueue.c | ||
s3_cbc.c | ||
s3_enc.c | ||
s3_lib.c | ||
s3_msg.c | ||
ssl_asn1.c | ||
ssl_cert_table.h | ||
ssl_cert.c | ||
ssl_ciph.c | ||
ssl_conf.c | ||
ssl_err.c | ||
ssl_init.c | ||
ssl_lib.c | ||
ssl_local.h | ||
ssl_mcnf.c | ||
ssl_rsa.c | ||
ssl_sess.c | ||
ssl_stat.c | ||
ssl_txt.c | ||
ssl_utst.c | ||
t1_enc.c | ||
t1_lib.c | ||
t1_trce.c | ||
tls13_enc.c | ||
tls_srp.c |