diff options
author | Tomas Mraz <tomas@openssl.org> | 2022-05-12 11:53:27 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-05-27 08:47:31 +0200 |
commit | d1b3b6741380a1d7607da671b97f3fe5f54fa657 (patch) | |
tree | 46f03be90c0fe549b226d373e7844b037a7c600a | |
parent | 65b2bb9ca0cff5e65938dc0d9dcd71c251bd67db (diff) | |
download | openssl-new-d1b3b6741380a1d7607da671b97f3fe5f54fa657.tar.gz |
The -no_legacy_server_connect option applies to client
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/18296)
-rw-r--r-- | doc/man1/openssl-s_client.pod.in | 1 | ||||
-rw-r--r-- | doc/man1/openssl-s_server.pod.in | 1 | ||||
-rw-r--r-- | ssl/ssl_conf.c | 2 |
3 files changed, 2 insertions, 2 deletions
diff --git a/doc/man1/openssl-s_client.pod.in b/doc/man1/openssl-s_client.pod.in index 0d38d46d25..6e380cb147 100644 --- a/doc/man1/openssl-s_client.pod.in +++ b/doc/man1/openssl-s_client.pod.in @@ -87,6 +87,7 @@ B<openssl> B<s_client> [B<-no_comp>] [B<-brief>] [B<-legacy_server_connect>] +[B<-no_legacy_server_connect>] [B<-allow_no_dhe_kex>] [B<-sigalgs> I<sigalglist>] [B<-curves> I<curvelist>] diff --git a/doc/man1/openssl-s_server.pod.in b/doc/man1/openssl-s_server.pod.in index f0f78670ec..06c2c6d67a 100644 --- a/doc/man1/openssl-s_server.pod.in +++ b/doc/man1/openssl-s_server.pod.in @@ -99,7 +99,6 @@ B<openssl> B<s_server> [B<-legacy_renegotiation>] [B<-no_renegotiation>] [B<-no_resumption_on_reneg>] -[B<-no_legacy_server_connect>] [B<-allow_no_dhe_kex>] [B<-prioritize_chacha>] [B<-strict>] diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c index 767faf2452..b83f9fe3a9 100644 --- a/ssl/ssl_conf.c +++ b/ssl/ssl_conf.c @@ -702,7 +702,7 @@ static const ssl_conf_cmd_tbl ssl_conf_cmds[] = { SSL_CONF_CMD_SWITCH("legacy_server_connect", SSL_CONF_FLAG_CLIENT), SSL_CONF_CMD_SWITCH("no_renegotiation", 0), SSL_CONF_CMD_SWITCH("no_resumption_on_reneg", SSL_CONF_FLAG_SERVER), - SSL_CONF_CMD_SWITCH("no_legacy_server_connect", SSL_CONF_FLAG_SERVER), + SSL_CONF_CMD_SWITCH("no_legacy_server_connect", SSL_CONF_FLAG_CLIENT), SSL_CONF_CMD_SWITCH("allow_no_dhe_kex", 0), SSL_CONF_CMD_SWITCH("prioritize_chacha", SSL_CONF_FLAG_SERVER), SSL_CONF_CMD_SWITCH("strict", 0), |