PR: 1921
Submitted by: steve@openssl.org Our DTLS implementation doesn't currently handle ECDHE so don't include unsupported ciphers in client hello.
This commit is contained in:
parent
d2f17d9615
commit
b3620451b2
@ -1343,6 +1343,9 @@ int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p,
|
||||
s->psk_client_callback == NULL)
|
||||
continue;
|
||||
#endif /* OPENSSL_NO_PSK */
|
||||
/* DTLS doesn't currently support ECDHE */
|
||||
if ((s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER) && (c->algorithm_mkey & SSL_kEECDH))
|
||||
continue;
|
||||
j = put_cb ? put_cb(c,p) : ssl_put_cipher_by_char(s,c,p);
|
||||
p+=j;
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user