Commit eb5de0ce authored by Richard Levitte's avatar Richard Levitte
Browse files

If all versions of a proto are disabled, disabled the proto as well 



For example, 'no-dtls1 no-dtls1_2' will imply 'no-dtls'

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2670)
(cherry picked from commit 343a7467)
parent 38c0fe4b

Configure

+4 −0
Original line number Diff line number Diff line
@@ -456,6 +456,8 @@ my @disable_cascades = ( 
    "dgram"		=> [ "dtls", "sctp" ],

    "sock"		=> [ "dgram" ],

    "dtls"		=> [ @dtls ],

    sub { 0 == scalar grep { !$disabled{$_} } @dtls }

			=> [ "dtls" ],



    # SSL 3.0, (D)TLS 1.0 and TLS 1.1 require MD5 and SHA

    "md5"		=> [ "ssl", "tls1", "tls1_1", "dtls1" ],
@@ -476,6 +478,8 @@ my @disable_cascades = ( 
			     "dtls1", "dtls1_2" ],



    "tls"		=> [ @tls ],

    sub { 0 == scalar grep { !$disabled{$_} } @tls }

			=> [ "tls" ],



    # SRP and HEARTBEATS require TLSEXT

    "tlsext"		=> [ "srp", "heartbeats" ],