Report TLS 1.0 as backwards-compatible TLSv1

The TLSv1.0 form is retained for reporting the first protocol version that supports a given cupher. Reviewed-by: N Rich Salz <rsalz@openssl.org>

Report TLS 1.0 as backwards-compatible TLSv1
The TLSv1.0 form is retained for reporting the first protocol version that supports a given cupher. Reviewed-by: N Rich Salz <rsalz@openssl.org>
ee3a6c64 · Viktor Dukhovni · 23d38992 · ee3a6c64 · ee3a6c64
隐藏空白更改
内联并排

Showing with 8 addition and 1 deletion

ssl/ssl_ciph.c ssl/ssl_ciph.c +7 -0

ssl/ssl_lib.c ssl/ssl_lib.c +1 -1

未找到文件。
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -1822,6 +1822,13 @@ const char *SSL_CIPHER_get_version(const SSL_CIPHER *c)
 {
    if (c == NULL)
        return "(NONE)";
+
+    /*
+     * Backwards-compatibility crutch.  In almost all contexts we report TLS
+     * 1.0 as "TLSv1", but for ciphers we report "TLSv1.0".
+     */
+    if (c->min_tls == TLS1_VERSION)
+        return "TLSv1.0";
    return ssl_protocol_to_string(c->min_tls);
 }


--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -3067,7 +3067,7 @@ const char *ssl_protocol_to_string(int version)
    else if (version == TLS1_1_VERSION)
        return "TLSv1.1";
    else if (version == TLS1_VERSION)
-        return "TLSv1.0";
+        return "TLSv1";
    else if (version == SSL3_VERSION)
        return "SSLv3";
    else if (version == DTLS1_BAD_VER)