Always generate DH keys for ephemeral DH cipher suites (c5b831f2) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Commit c5b831f2 authored Dec 17, 2015 by

Matt Caswell

Always generate DH keys for ephemeral DH cipher suites

Modified version of the commit ffaef3f1

 in the master branch by Stephen
Henson. This makes the SSL_OP_SINGLE_DH_USE option a no-op and always
generates a new DH key for every handshake regardless.

CVE-2016-0701 (fix part 2 or 2)

Issue reported by Antonio Sanso

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

parent 878e2c5b

Hide whitespace changes

Inline Side-by-side

Please register or to comment