diff options
author | Emilia Kasper <emilia@openssl.org> | 2015-05-19 12:05:22 +0200 |
---|---|---|
committer | Emilia Kasper <emilia@openssl.org> | 2015-05-20 15:01:36 +0200 |
commit | 63830384e90d9b36d2793d4891501ec024827433 (patch) | |
tree | da5b03f61bba408107d21065c4cbf78b81187e14 /CHANGES | |
parent | ff4de7dde90d15b366abe4664b904f22539969c9 (diff) |
client: reject handshakes with DH parameters < 768 bits.
Since the client has no way of communicating her supported parameter
range to the server, connections to servers that choose weak DH will
simply fail.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 3 |
1 files changed, 2 insertions, 1 deletions
@@ -4,7 +4,8 @@ Changes between 1.0.1m and 1.0.1n [xx XXX xxxx] - *) + *) Reject DH handshakes with parameters shorter than 768 bits. + [Kurt Roeckx and Emilia Kasper] Changes between 1.0.1l and 1.0.1m [19 Mar 2015] |