generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

PR: 1921

Browse Source 
Submitted by: steve@openssl.org

Our DTLS implementation doesn't currently handle ECDHE so don't include
unsupported ciphers in client hello.
This commit is contained in:
Dr. Stephen Henson 2009-05-13 16:25:35 +00:00
parent d2f17d9615
commit b3620451b2
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ssl/ssl_lib.c
View File

@ -1343,6 +1343,9 @@ int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p,
s->psk_client_callback == NULL) s->psk_client_callback == NULL)
continue; continue;
#endif /* OPENSSL_NO_PSK */ #endif /* OPENSSL_NO_PSK */
/* DTLS doesn't currently support ECDHE */
if ((s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER) && (c->algorithm_mkey & SSL_kEECDH))
continue;
j = put_cb ? put_cb(c,p) : ssl_put_cipher_by_char(s,c,p); j = put_cb ? put_cb(c,p) : ssl_put_cipher_by_char(s,c,p);
p+=j; p+=j;
} }