Reset TLS 1.3 ciphers in SSL_CTX_set_ssl_version() (1766493b) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Commit 1766493b authored Sep 19, 2018 by

Benjamin Kaduk Committed by Benjamin Kaduk Sep 19, 2018

Reset TLS 1.3 ciphers in SSL_CTX_set_ssl_version()



Historically SSL_CTX_set_ssl_version() has reset the cipher list
to the default.  Splitting TLS 1.3 ciphers to be tracked separately
caused a behavior change, in that TLS 1.3 cipher configuration was
preserved across calls to SSL_CTX_set_ssl_version().  To restore commensurate
behavior with the historical behavior, set the ciphersuites to the default as
well as setting the cipher list to the default.

Closes: #7226

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7270)

(cherry picked from commit 2340ed277b7c5365e83a32eb7d5fa32c4071fb21)

parent f560ff62

Hide whitespace changes

Inline Side-by-side

Please register or to comment