Don't fail the connection in SSLv3 if server selects ECDHE
ECDHE is not properly defined for SSLv3. Commit fe55c4a2 prevented ECDHE from being selected in that protocol. However, historically, servers do still select ECDHE anyway so that commit causes interoperability problems. Clients that previously worked when talking to an SSLv3 server could now fail. This commit introduces an exception which enables a client to continue in SSLv3 if the server selected ECDHE. (cherry picked from commit 8af91fd9 ) Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3734)
parent
fd91e61f
Please register or sign in to comment