diff options
| author | Tomas Mraz <tomas@openssl.org> | 2023-04-21 17:21:21 +0200 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2023-05-02 09:51:23 +0200 |
| commit | 4f373a9773efa63fdb73f3972f13ab78b9342b70 (patch) | |
| tree | 173af49c894b568ed0afeda0631f8af9b09748ba | |
| parent | 1eef26bd8924058b9ba0e52786b6afab80db23a9 (diff) | |
| download | openssl-new-4f373a9773efa63fdb73f3972f13ab78b9342b70.tar.gz | |
Copy min/max_proto_version from SSL_CTX to SSL only for the same method types
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/20764)
| -rw-r--r-- | ssl/ssl_lib.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index eac7fd659e..9b54357630 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -747,8 +747,10 @@ SSL *ossl_ssl_connection_new_int(SSL_CTX *ctx, const SSL_METHOD *method) s->options = ctx->options; s->dane.flags = ctx->dane.flags; - s->min_proto_version = ctx->min_proto_version; - s->max_proto_version = ctx->max_proto_version; + if (method->version == ctx->method->version) { + s->min_proto_version = ctx->min_proto_version; + s->max_proto_version = ctx->max_proto_version; + } s->mode = ctx->mode; s->max_cert_list = ctx->max_cert_list; s->max_early_data = ctx->max_early_data; |