Tolerate a Certificate using a non-supported group on server side (dcf8b01f) · Commits · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL

Commit dcf8b01f authored Mar 12, 2018 by

Matt Caswell

Tolerate a Certificate using a non-supported group on server side



If a server has been configured to use an ECDSA certificate, we should
allow it regardless of whether the server's own supported groups list
includes the certificate's group.

Fixes #2033

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5601)

parent 7814cdf3

Expand all Hide whitespace changes

Inline Side-by-side

Please register or to comment