generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Don't use SSLv2 compatible client hello if we don't tolerate legacy renegotiation

Browse Source
This commit is contained in:
Dr. Stephen Henson 2009-11-18 14:43:27 +00:00
parent b14713c231
commit 5d965f0783
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ssl/s23_clnt.c
View File

@ -235,6 +235,8 @@ static int ssl23_client_hello(SSL *s)
ssl2_compat = 0; ssl2_compat = 0;
if (s->tlsext_status_type != -1) if (s->tlsext_status_type != -1)
ssl2_compat = 0; ssl2_compat = 0;
if (!(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
ssl2_compat = 0;
} }
#endif #endif