diff options
author | Pauli <pauli@openssl.org> | 2021-06-18 12:54:24 +1000 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2021-06-19 15:49:46 +1000 |
commit | d7b5c648d682b499b71320a03747602a6ba4dec3 (patch) | |
tree | e862a77bf88186198192164adc3ed5bf1f61c5ae /ssl/ssl_local.h | |
parent | b9d022d78faee0648c3ace7f15ccec08f14feddb (diff) |
ssl: do not choose auto DH groups that are weaker than the security level
Fixes #15808
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15818)
Diffstat (limited to 'ssl/ssl_local.h')
-rw-r--r-- | ssl/ssl_local.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h index def53739a1..dd82314602 100644 --- a/ssl/ssl_local.h +++ b/ssl/ssl_local.h @@ -2436,6 +2436,7 @@ __owur int ssl_cert_set_cert_store(CERT *c, X509_STORE *store, int chain, __owur int ssl_security(const SSL *s, int op, int bits, int nid, void *other); __owur int ssl_ctx_security(const SSL_CTX *ctx, int op, int bits, int nid, void *other); +int ssl_get_security_level_bits(const SSL *s, const SSL_CTX *ctx, int *levelp); __owur int ssl_cert_lookup_by_nid(int nid, size_t *pidx); __owur const SSL_CERT_LOOKUP *ssl_cert_lookup_by_pkey(const EVP_PKEY *pk, |