diff options
| author | June McEnroe <june@causal.agency> | 2023-10-11 19:33:38 -0400 |
|---|---|---|
| committer | June McEnroe <june@causal.agency> | 2023-10-11 19:33:38 -0400 |
| commit | 198349012002f8d30013eb23c7d6df6a3c9cc65a (patch) | |
| tree | bd0567586a018ee4a9d450c2c1de1d10e6f6bd61 /tls.c | |
| parent | Merge LibreSSL 3.8.0 (diff) | |
| parent | Import LibreSSL 3.8.1 (diff) | |
| download | libretls-3.8.1.tar.gz libretls-3.8.1.zip | |
Diffstat (limited to '')
| -rw-r--r-- | tls.c | 10 |
1 files changed, 3 insertions, 7 deletions
diff --git a/tls.c b/tls.c index 18b93ef..d387952 100644 --- a/tls.c +++ b/tls.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls.c,v 1.96 2023/05/25 07:46:21 op Exp $ */ +/* $OpenBSD: tls.c,v 1.98 2023/07/02 06:37:27 beck Exp $ */ /* * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> * @@ -580,16 +580,12 @@ tls_configure_ssl(struct tls *ctx, SSL_CTX *ssl_ctx) SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2); SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv3); + SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TLSv1); + SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TLSv1_1); - SSL_CTX_clear_options(ssl_ctx, SSL_OP_NO_TLSv1); - SSL_CTX_clear_options(ssl_ctx, SSL_OP_NO_TLSv1_1); SSL_CTX_clear_options(ssl_ctx, SSL_OP_NO_TLSv1_2); SSL_CTX_clear_options(ssl_ctx, SSL_OP_NO_TLSv1_3); - if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_0) == 0) - SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TLSv1); - if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_1) == 0) - SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TLSv1_1); if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_2) == 0) SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TLSv1_2); if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_3) == 0) |