Skip to content
Blame History Permalink
  • Bodo Möller's avatar
    Fix SSL 2.0 rollback checking: The previous implementation of the · 37569e64
    Bodo Möller authored 
    test was never triggered due to an off-by-one error.

In s23_clnt.c, don't use special rollback-attack detection padding
(RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the
client; similarly, in s23_srvr.c, don't do the rollback check if
SSL 2.0 is the only protocol enabled in the server.
    37569e64
To find the state of this project's repository at the time of any of these versions, check out the tags.