Commit 343a7467 authored by Richard Levitte's avatar Richard Levitte
Browse files

If all versions of a proto are disabled, disabled the proto as well 



For example, 'no-dtls1 no-dtls1_2' will imply 'no-dtls'

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2670)
parent d0823f7a

Configure

+4 −0
Original line number Diff line number Diff line
@@ -472,6 +472,8 @@ my @disable_cascades = ( 
    "dgram"		=> [ "dtls", "sctp" ],

    "sock"		=> [ "dgram" ],

    "dtls"		=> [ @dtls ],

    sub { 0 == scalar grep { !$disabled{$_} } @dtls }

			=> [ "dtls" ],



    # SSL 3.0, (D)TLS 1.0 and TLS 1.1 require MD5 and SHA

    "md5"		=> [ "ssl", "tls1", "tls1_1", "dtls1" ],
@@ -492,6 +494,8 @@ my @disable_cascades = ( 
			     "dtls1", "dtls1_2" ],



    "tls"		=> [ @tls ],

    sub { 0 == scalar grep { !$disabled{$_} } @tls }

			=> [ "tls" ],



    # SRP and HEARTBEATS require TLSEXT

    "tlsext"		=> [ "srp", "heartbeats" ],