diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2011-05-25 11:43:17 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2011-05-25 11:43:17 +0000 |
commit | 277f8a34f4041fb9e7b00e998e079d7fecd075a9 (patch) | |
tree | 616e616fb31ecca3eb5ebbcfeec81a50b2f4410d /ssl/ssl_lib.c | |
parent | 4dde470865ae2421e4ebd55e936ddb25238608a2 (diff) | |
download | openssl-new-277f8a34f4041fb9e7b00e998e079d7fecd075a9.tar.gz |
use TLS1_get_version macro to check version so TLS v1.2 changes don't interfere with DTLS
Diffstat (limited to 'ssl/ssl_lib.c')
-rw-r--r-- | ssl/ssl_lib.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index b21b42927d..2cd78c13cc 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -2094,7 +2094,7 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s) SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT); return 0; } - if ((alg_k & SSL_kECDHe) && s->version < TLS1_2_VERSION) + if ((alg_k & SSL_kECDHe) && TLS1_get_version(s) < TLS1_2_VERSION) { /* signature alg must be ECDSA */ if (signature_nid != NID_ecdsa_with_SHA1) @@ -2103,7 +2103,7 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s) return 0; } } - if ((alg_k & SSL_kECDHr) && s->version < TLS1_2_VERSION) + if ((alg_k & SSL_kECDHr) && TLS1_get_version(s) < TLS1_2_VERSION) { /* signature alg must be RSA */ |