Branch: Tag:

2015-11-27

2015-11-27 14:34:57 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: TLS 1.1 and before don't support hashes other than md5 and sha1.

Improves interoperation with some versions of OpenSSL.

221:    // Variant cipher-suite dependent prfs are not supported prior to TLS 1.2.    return 0;    } +  if (suite_info[2] > HASH_sha) { +  // Hash algorithms other than md5 and sha1 are not supported +  // prior to TLS 1.2. +  return 0; +  }    // FIXME: Check hash size >= cert hash size.    }