Make TLSv1 use TLSv1.0 specifically to prevent ambiguity with TLSv1.1, TLSv1.2, TLSv1.3
This commit is contained in:
Muzaffar Auhammud
parent
f2cd35e9be
commit
1263f9cd09
@ -1052,13 +1052,16 @@ main(int argc, char **argv)
|
|||||||
ssl_ctx = SSL_CTX_new (SSLv3_client_method ()); break;
|
ssl_ctx = SSL_CTX_new (SSLv3_client_method ()); break;
|
||||||
#endif
|
#endif
|
||||||
#endif
|
#endif
|
||||||
/* 4/TLSv1 */
|
/* 4/TLSv1.0 */
|
||||||
case 4:
|
case 4:
|
||||||
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
|
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
|
||||||
ssl_ctx = SSL_CTX_new (TLS_client_method ());
|
ssl_ctx = SSL_CTX_new (TLS_client_method ());
|
||||||
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); break;
|
SSL_CTX_set_min_proto_version(ssl_ctx, TLS1_VERSION);
|
||||||
|
SSL_CTX_set_max_proto_version(ssl_ctx, TLS1_VERSION);
|
||||||
|
break;
|
||||||
#else
|
#else
|
||||||
ssl_ctx = SSL_CTX_new (TLSv1_client_method ()); break;
|
ssl_ctx = SSL_CTX_new (TLSv1_client_method ()); break;
|
||||||
|
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2); break;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user