Don't fail the connection in SSLv3 if server selects ECDHE
ECDHE is not properly defined for SSLv3. Commit fe55c4a2 prevented ECDHE from being selected in that protocol. However, historically, servers do still select ECDHE anyway so that commit causes interoperability problems. Clients that previously worked when talking to an SSLv3 server could now fail. This commit introduces an exception which enables a client to continue in SSLv3 if the server selected ECDHE. [extended tests] Reviewed-by:Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3204)
Please register or sign in to comment