diff options
Diffstat (limited to 'src/lib/tls')
| -rw-r--r-- | src/lib/tls/tls_client.cpp | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/lib/tls/tls_client.cpp b/src/lib/tls/tls_client.cpp index ce19f04c9..0e620a279 100644 --- a/src/lib/tls/tls_client.cpp +++ b/src/lib/tls/tls_client.cpp @@ -330,7 +330,13 @@ void Client::process_handshake_msg(const Handshake_State* active_state, if(state.version() > state.client_hello()->version()) { throw TLS_Exception(Alert::HANDSHAKE_FAILURE, - "Server replied with later version than in hello"); + "Server replied with later version than client offered"); + } + + if(state.version().major_version() == 3 && state.version().minor_version() == 0) + { + throw TLS_Exception(Alert::PROTOCOL_VERSION, + "Server attempting to negotiate SSLv3 which is not supported"); } if(!policy().acceptable_protocol_version(state.version())) |