diff options
author | Viktor Dukhovni <openssl-users@dukhovni.org> | 2016-03-16 20:47:52 -0400 |
---|---|---|
committer | Viktor Dukhovni <openssl-users@dukhovni.org> | 2016-03-17 15:38:48 -0400 |
commit | ee3a6c646ff8ea6b9ada5a58f4a0e7c9b7be944b (patch) | |
tree | 1b1f946f3d4b65f4c0bf41479f7cbfa7b82b7a40 /ssl | |
parent | 23d38992fca13773291ca647220707bfb0636361 (diff) |
Report TLS 1.0 as backwards-compatible TLSv1
The TLSv1.0 form is retained for reporting the first protocol version
that supports a given cupher.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/ssl_ciph.c | 7 | ||||
-rw-r--r-- | ssl/ssl_lib.c | 2 |
2 files changed, 8 insertions, 1 deletions
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index aaeeb8da27..c62b1935b6 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -1822,6 +1822,13 @@ const char *SSL_CIPHER_get_version(const SSL_CIPHER *c) { if (c == NULL) return "(NONE)"; + + /* + * Backwards-compatibility crutch. In almost all contexts we report TLS + * 1.0 as "TLSv1", but for ciphers we report "TLSv1.0". + */ + if (c->min_tls == TLS1_VERSION) + return "TLSv1.0"; return ssl_protocol_to_string(c->min_tls); } diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index cec3fc27f2..87e3dfad67 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -3067,7 +3067,7 @@ const char *ssl_protocol_to_string(int version) else if (version == TLS1_1_VERSION) return "TLSv1.1"; else if (version == TLS1_VERSION) - return "TLSv1.0"; + return "TLSv1"; else if (version == SSL3_VERSION) return "SSLv3"; else if (version == DTLS1_BAD_VER) |