Check for missing DSA parameters.
If DSA parameters are absent return -1 (for unknown) in DSA_security_bits.
If parameters are absent when a certificate is set in an SSL/SSL_CTX
structure this will reject the certificate by default. This will cause DSA
certificates which omit parameters to be rejected but that is never (?)
done in practice.
Thanks to Brian 'geeknik' Carpenter for reporting this issue.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
parent
923ffa97
Please register or sign in to comment