[openssl-commits] [openssl] master update
Emilia Kasper
emilia at openssl.org
Tue Oct 6 16:04:33 UTC 2015
The branch master has been updated
via 20218b58b51b55189ada91807459d6bd64f5c986 (commit)
from e58c4d3cdde7a0a01df2884bfeec31a2b07be22d (commit)
- Log -----------------------------------------------------------------
commit 20218b58b51b55189ada91807459d6bd64f5c986
Author: Emilia Kasper <emilia at openssl.org>
Date: Tue Oct 6 17:27:35 2015 +0200
SSLv2 compat ciphers: clarify comment
Reviewed-by: Matt Caswell <matt at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
ssl/s3_srvr.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 82162d8..5f05b9f 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -3494,10 +3494,9 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,
while (PACKET_copy_bytes(cipher_suites, cipher, n)) {
/*
- * We only support SSLv2 format ciphers in SSLv3+ using a
- * SSLv2 backward compatible ClientHello. In this case the first
- * byte is always 0 for SSLv3 compatible ciphers. Anything else
- * is an SSLv2 cipher and we ignore it
+ * SSLv3 ciphers wrapped in an SSLv2-compatible ClientHello have the
+ * first byte set to zero, while true SSLv2 ciphers have a non-zero
+ * first byte. We don't support any true SSLv2 ciphers, so skip them.
*/
if (sslv2format && cipher[0] != '\0')
continue;
More information about the openssl-commits
mailing list