generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Report TLS 1.0 as backwards-compatible TLSv1

Browse Source 
The TLSv1.0 form is retained for reporting the first protocol version
that supports a given cupher.

Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Viktor Dukhovni
2016-03-16 20:47:52 -04:00
parent 23d38992fc
commit ee3a6c646f
2 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
ssl/ssl_ciph.c
View File

@@ -1822,6 +1822,13 @@ const char *SSL_CIPHER_get_version(const SSL_CIPHER *c)
{ {
if (c == NULL) if (c == NULL)
return "(NONE)"; return "(NONE)";
/*
* Backwards-compatibility crutch. In almost all contexts we report TLS
* 1.0 as "TLSv1", but for ciphers we report "TLSv1.0".
*/
if (c->min_tls == TLS1_VERSION)
return "TLSv1.0";
return ssl_protocol_to_string(c->min_tls); return ssl_protocol_to_string(c->min_tls);
} }

2
ssl/ssl_lib.c
View File

@@ -3067,7 +3067,7 @@ const char *ssl_protocol_to_string(int version)
else if (version == TLS1_1_VERSION) else if (version == TLS1_1_VERSION)
return "TLSv1.1"; return "TLSv1.1";
else if (version == TLS1_VERSION) else if (version == TLS1_VERSION)
return "TLSv1.0"; return "TLSv1";
else if (version == SSL3_VERSION) else if (version == SSL3_VERSION)
return "SSLv3"; return "SSLv3";
else if (version == DTLS1_BAD_VER) else if (version == DTLS1_BAD_VER)