diff options
author | Emilia Kasper <emilia@openssl.org> | 2015-10-06 17:27:35 +0200 |
---|---|---|
committer | Emilia Kasper <emilia@openssl.org> | 2015-10-06 18:03:51 +0200 |
commit | 20218b58b51b55189ada91807459d6bd64f5c986 (patch) | |
tree | 2db8b52c222a06b798f0fc568be3bd7cd103b4b2 /ssl | |
parent | e58c4d3cdde7a0a01df2884bfeec31a2b07be22d (diff) |
SSLv2 compat ciphers: clarify comment
Reviewed-by: Matt Caswell <matt@openssl.org>
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/s3_srvr.c | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 82162d8566..5f05b9f21f 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -3494,10 +3494,9 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, while (PACKET_copy_bytes(cipher_suites, cipher, n)) { /* - * We only support SSLv2 format ciphers in SSLv3+ using a - * SSLv2 backward compatible ClientHello. In this case the first - * byte is always 0 for SSLv3 compatible ciphers. Anything else - * is an SSLv2 cipher and we ignore it + * SSLv3 ciphers wrapped in an SSLv2-compatible ClientHello have the + * first byte set to zero, while true SSLv2 ciphers have a non-zero + * first byte. We don't support any true SSLv2 ciphers, so skip them. */ if (sslv2format && cipher[0] != '\0') continue; |