author | Dr. Stephen Henson <steve@openssl.org> | 2011-05-06 13:00:07 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2011-05-06 13:00:07 +0000 |
commit | 6b7be581e52761b2a0dc5dcf35214ff813b9f9f0 (patch) | |
tree | 7dddced56537e33ca1f45aa60d17edaee899ed3d /apps | |
parent | c1847111248cc71091e169311e0f8ba4b9acf8f3 (diff) |
Continuing TLS v1.2 support: add support for server parsing of
signature algorithms extension and correct signature format for
server key exchange.
All ciphersuites should now work on the server but no client support and
no client certificate support yet.
Diffstat (limited to 'apps')
-rw-r--r-- | apps/s_server.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/apps/s_server.c b/apps/s_server.c index de481f7794..56362aa95c 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -1526,6 +1526,9 @@ bad: SSL_CTX_set_quiet_shutdown(ctx,1); if (bugs) SSL_CTX_set_options(ctx,SSL_OP_ALL); if (hack) SSL_CTX_set_options(ctx,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG); + /* HACK while TLS v1.2 is disabled by default */ + if (!(off & SSL_OP_NO_TLSv1_2)) + SSL_CTX_clear_options(ctx, SSL_OP_NO_TLSv1_2); SSL_CTX_set_options(ctx,off); /* DTLS: partial reads end up discarding unread UDP bytes :-( * Setting read ahead solves this problem. |
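Review bot: the added `/* HACK while TLS v1.2 is disabled by default */` block in the option setup after `bad:` does not say where that default is set or what change should trigger removing the hack, so it is likely to be left behind; name the place in the comment. It also means s_server clears `SSL_OP_NO_TLSv1_2` on its own context, so testing with it no longer reflects the default the comment describes. The `if (!(off & SSL_OP_NO_TLSv1_2))` guard is redundant as written: `SSL_CTX_set_options(ctx,off)` on the following line sets the bit again whenever `off` carries it, so an unconditional `SSL_CTX_clear_options(ctx, SSL_OP_NO_TLSv1_2);` gives the same result. Style: the new call has a space after the comma, while the surrounding `SSL_CTX_set_options(ctx,...)` calls do not.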