Revision 08a88774bd8463bedf7fe440a165d3d98b702361 authored by Dr. Stephen Henson on 23 October 2014, 16:09:57 UTC, committed by Dr. Stephen Henson on 06 January 2015, 13:18:46 UTC
OpenSSL clients would tolerate temporary RSA keys in non-export ciphersuites. It also had an option SSL_OP_EPHEMERAL_RSA which enabled this server side. Remove both options as they are a protocol violation. Thanks to Karthikeyan Bhargavan for reporting this issue. (CVE-2015-0204) Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 4b4c1fcc88aec8c9e001b0a0077d3cd4de1ed0e6) Conflicts: CHANGES doc/ssl/SSL_CTX_set_options.pod
1 parent 802a070
Computing file changes ...
