fix openssl 2.0 rollback, CAN-2005-2969

approved by: agc
This commit is contained in:
gendalia 2005-10-11 18:07:40 +00:00
parent dbbdf74175
commit ed304be38e
1 changed files with 1 additions and 3 deletions

View File

@ -528,9 +528,7 @@ int ssl23_get_client_hello(SSL *s)
} }
s->state=SSL2_ST_GET_CLIENT_HELLO_A; s->state=SSL2_ST_GET_CLIENT_HELLO_A;
if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) || if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
use_sslv2_strong ||
(s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3))
s->s2->ssl2_rollback=0; s->s2->ssl2_rollback=0;
else else
/* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0 /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0