mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-30 05:54:23 +01:00
Prevent SLOTH attacks
This commit is contained in:
parent
1a6a15c795
commit
6eb6e1bdc3
@ -1,5 +1,11 @@
|
||||
mbed TLS ChangeLog (Sorted per branch, date)
|
||||
|
||||
= mbed TLS 2.4.x branch released 2016-xx-xx
|
||||
|
||||
Security
|
||||
* Removed MD5 from the allowed hash algorithms for CertificateRequest and
|
||||
CertificateVerify messages, to prevent SLOTH attacks against TLS 1.2.
|
||||
|
||||
= mbed TLS 2.4.0 branch released 2016-10-17
|
||||
|
||||
Security
|
||||
|
@ -7644,8 +7644,7 @@ int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md )
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
|
||||
#if defined(MBEDTLS_MD5_C)
|
||||
case MBEDTLS_SSL_HASH_MD5:
|
||||
ssl->handshake->calc_verify = ssl_calc_verify_tls;
|
||||
break;
|
||||
return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
case MBEDTLS_SSL_HASH_SHA1:
|
||||
|
Loading…
Reference in New Issue
Block a user