https://bz.apache.org/bugzilla/show_bug.cgi?id=65416
Bug ID: 65416
Summary: is the SSL_OP_NO_TLSv1_3 check backwards?
Product: Apache httpd-2
Version: 2.4.48
Hardware: PC
Status: NEW
Severity: normal
Priority: P2
Component: mod_ssl
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
in ssl/ssl_private.h:
#ifdef SSL_OP_NO_TLSv1_3
#define SSL_HAVE_PROTOCOL_TLSV1_3 (1)
#define SSL_PROTOCOL_ALL (SSL_PROTOCOL_BASIC| \
SSL_PROTOCOL_TLSV1_1|SSL_PROTOCOL_TLSV1_2|SSL_PROTOCOL_TLSV1_3)
#else
#define SSL_HAVE_PROTOCOL_TLSV1_3 (0)
#define SSL_PROTOCOL_ALL (SSL_PROTOCOL_BASIC| \
SSL_PROTOCOL_TLSV1_1|SSL_PROTOCOL_TLSV1_2)
#endif
But SSL_OP_NO_TLSv1_3 comes from openssl and means "does NOT have TLSv1.3".
Other similar checks in ssl_private.h use "#ifndef" instead of "#ifdef".
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
