DescriptionNSS: don't advertise TLS 1.2-only ciphersuites in a TLS 1.1 ClientHello.
Chrome is advertising SHA256 ciphersuites with a TLS 1.1 ClientHello. This
breaks PolarSSL servers because they also have a bug: they accept the SHA256
ciphersuite and then break because they negotiated TLS 1.1
This change causes NSS not to advertise cipher suites that aren't applicable to
the version being negotiated.
BUG=297151
Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=225345
Patch Set 1 #
Total comments: 6
Patch Set 2 : Addressing wtc's comments. #
Total comments: 6
Patch Set 3 : g try #
Total comments: 3
Patch Set 4 : "message" -> "code" #
Messages
Total messages: 12 (0 generated)
|