diff options
author | raja-ashok <rashok.svks@gmail.com> | 2019-01-25 21:04:49 +0530 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2019-06-12 10:18:34 +0100 |
commit | 9aaecbfc98eb89a03f72b35d343e08f377e7803a (patch) | |
tree | 4f025a6064a0f8f654a486d9ef6be6c9fcb8b2cf /ssl/statem/extensions_srvr.c | |
parent | a03749a8f14c397f57ef956650f5db5da6523595 (diff) |
TLS1.3 FFDHE Support
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8178)
Diffstat (limited to 'ssl/statem/extensions_srvr.c')
-rw-r--r-- | ssl/statem/extensions_srvr.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index d107af3f87..37f5819346 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -1424,7 +1424,8 @@ EXT_RETURN tls_construct_stoc_supported_groups(SSL *s, WPACKET *pkt, for (i = 0; i < numgroups; i++) { uint16_t group = groups[i]; - if (tls_curve_allowed(s, group, SSL_SECOP_CURVE_SUPPORTED)) { + if (tls_valid_group(s, group, SSL_version(s)) + && tls_curve_allowed(s, group, SSL_SECOP_CURVE_SUPPORTED)) { if (first) { /* * Check if the client is already using our preferred group. If |