mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-25 21:35:48 +01:00
Better handling of ciphersuite version range and forced version in
ssl_client2
This commit is contained in:
parent
6c85279719
commit
66c4810ffe
@ -435,13 +435,24 @@ int main( int argc, char *argv[] )
|
|||||||
const ssl_ciphersuite_t *ciphersuite_info;
|
const ssl_ciphersuite_t *ciphersuite_info;
|
||||||
ciphersuite_info = ssl_ciphersuite_from_id( opt.force_ciphersuite[0] );
|
ciphersuite_info = ssl_ciphersuite_from_id( opt.force_ciphersuite[0] );
|
||||||
|
|
||||||
if( ciphersuite_info->min_minor_ver > opt.max_version ||
|
if( opt.max_version != -1 &&
|
||||||
|
ciphersuite_info->min_minor_ver > opt.max_version )
|
||||||
|
{
|
||||||
|
printf("forced ciphersuite not allowed with this protocol version\n");
|
||||||
|
ret = 2;
|
||||||
|
goto usage;
|
||||||
|
}
|
||||||
|
if( opt.min_version != -1 &&
|
||||||
ciphersuite_info->max_minor_ver < opt.min_version )
|
ciphersuite_info->max_minor_ver < opt.min_version )
|
||||||
{
|
{
|
||||||
printf("forced ciphersuite not allowed with this protocol version\n");
|
printf("forced ciphersuite not allowed with this protocol version\n");
|
||||||
ret = 2;
|
ret = 2;
|
||||||
goto usage;
|
goto usage;
|
||||||
}
|
}
|
||||||
|
if( opt.max_version > ciphersuite_info->max_minor_ver )
|
||||||
|
opt.max_version = ciphersuite_info->max_minor_ver;
|
||||||
|
if( opt.min_version < ciphersuite_info->min_minor_ver )
|
||||||
|
opt.min_version = ciphersuite_info->min_minor_ver;
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
|
#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
|
||||||
|
Loading…
Reference in New Issue
Block a user