diff options
author | Matt Caswell <matt@openssl.org> | 2018-10-19 14:01:22 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-11-12 11:19:58 +0000 |
commit | 6f54ae7a9079983ea51593d4a91699d14a9c9a99 (patch) | |
tree | 589c98c8074d40879fe96687a4d6d38b61138512 /test/certs | |
parent | 61e78e7ace6c5d65910379556d7da7d23492291c (diff) |
Don't negotiate TLSv1.3 if our EC cert isn't TLSv1.3 capable
TLSv1.3 is more restrictive about the curve used. There must be a matching
sig alg defined for that curve. Therefore if we are using some other curve
in our certificate then we should not negotiate TLSv1.3.
Fixes #7435
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7442)
(cherry picked from commit de4dc598024fd0a9c2b7a466fd5323755d369522)
Diffstat (limited to 'test/certs')
0 files changed, 0 insertions, 0 deletions