Change Post Handshake auth so that it is opt-in
Having post handshake auth automatically switched on breaks some applications written for TLSv1.2. This changes things so that an explicit function call is required for a client to indicate support for post-handshake auth. Fixes #6933. Reviewed-by:Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6938)
Showing
- apps/s_client.c 7 additions, 7 deletionsapps/s_client.c
- doc/man1/s_client.pod 4 additions, 4 deletionsdoc/man1/s_client.pod
- doc/man3/SSL_CTX_set_verify.pod 9 additions, 8 deletionsdoc/man3/SSL_CTX_set_verify.pod
- include/openssl/ssl.h 1 addition, 1 deletioninclude/openssl/ssl.h
- ssl/ssl_lib.c 2 additions, 2 deletionsssl/ssl_lib.c
- ssl/ssl_locl.h 1 addition, 1 deletionssl/ssl_locl.h
- ssl/statem/extensions_clnt.c 2 additions, 17 deletionsssl/statem/extensions_clnt.c
- test/handshake_helper.c 2 additions, 2 deletionstest/handshake_helper.c
- test/recipes/70-test_tls13messages.t 1 addition, 1 deletiontest/recipes/70-test_tls13messages.t
- test/ssl-tests/26-tls13_client_auth.conf 14 additions, 2 deletionstest/ssl-tests/26-tls13_client_auth.conf
- test/ssl-tests/26-tls13_client_auth.conf.in 21 additions, 12 deletionstest/ssl-tests/26-tls13_client_auth.conf.in
- test/ssl_test_ctx.c 3 additions, 3 deletionstest/ssl_test_ctx.c
- test/ssl_test_ctx.h 2 additions, 2 deletionstest/ssl_test_ctx.h
- test/sslapitest.c 3 additions, 3 deletionstest/sslapitest.c
- util/libssl.num 1 addition, 1 deletionutil/libssl.num
Loading
Please register or sign in to comment