Branch: Tag:

2015-11-27

2015-11-27 14:27:05 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: TLS 1.1 and before don't support hashes other than md5 and sha1.

Improves interoperation with some versions of OpenSSL.

602:    break;    }    +  if (!max_version || (max_version > PROTOCOL_TLS_MAX)) { +  max_version = PROTOCOL_TLS_MAX; +  }    switch(max_version) {    case PROTOCOL_TLS_1_1:    case PROTOCOL_TLS_1_0:
611:    array(int) info = [array(int)]CIPHER_SUITES[suite];    // AEAD suites are not supported in TLS versions    // prior to TLS 1.2. -  return (sizeof(info) < 4); +  // Hashes other than md5 or sha1 are not supported +  // prior to TLS 1.2. +  return (sizeof(info) < 4) && (info[2] <= HASH_sha1);    });    break;    }