]> granicus.if.org Git - openssl/commit
Prevent use of RSA+MD5 in TLS 1.2 by default.
authorDr. Stephen Henson <steve@openssl.org>
Tue, 15 Oct 2013 12:37:01 +0000 (13:37 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Sun, 20 Oct 2013 21:07:35 +0000 (22:07 +0100)
commit45473632c54947859a731dfe2db087c002ef7aa7
tree7ea37f132e493c9e7d3a2d3f67f525bb03726d58
parentb39d4768e6e6cb630cd0c8bb2da421f10a6edc9e
Prevent use of RSA+MD5 in TLS 1.2 by default.

Removing RSA+MD5 from the default signature algorithm list
prevents its use by default.

If a broken implementation attempts to use RSA+MD5 anyway the sanity
checking of signature algorithms will cause a fatal alert.
ssl/t1_lib.c