diff options
| author | jsing <> | 2015-02-12 04:23:17 +0000 |
|---|---|---|
| committer | jsing <> | 2015-02-12 04:23:17 +0000 |
| commit | 3e3f6ec66f3d0f27fbe7349f8131243574f2d5c9 (patch) | |
| tree | 247fc8417330813ae36032bf69b24c57f396e85c /src/lib | |
| parent | dcd65cb98ec4a45e2b31359c006a41f9a4d5763a (diff) | |
| download | openbsd-3e3f6ec66f3d0f27fbe7349f8131243574f2d5c9.tar.gz openbsd-3e3f6ec66f3d0f27fbe7349f8131243574f2d5c9.tar.bz2 openbsd-3e3f6ec66f3d0f27fbe7349f8131243574f2d5c9.zip | |
Change TLS_PROTOCOLS_DEFAULT to be TLSv1.2 only. Add a TLS_PROTOCOLS_ALL
that includes all currently supported protocols (TLSv1.0, TLSv1.1 and
TLSv1.2). Change all users of libtls to use TLS_PROTOCOLS_ALL so that they
maintain existing behaviour.
Discussed with tedu@ and reyk@.
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libtls/tls.h | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/lib/libtls/tls.h b/src/lib/libtls/tls.h index 0a6f8d7258..0fafcc6e23 100644 --- a/src/lib/libtls/tls.h +++ b/src/lib/libtls/tls.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls.h,v 1.7 2015/02/11 07:01:10 jsing Exp $ */ | 1 | /* $OpenBSD: tls.h,v 1.8 2015/02/12 04:23:17 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -25,7 +25,9 @@ | |||
| 25 | #define TLS_PROTOCOL_TLSv1_2 (1 << 3) | 25 | #define TLS_PROTOCOL_TLSv1_2 (1 << 3) |
| 26 | #define TLS_PROTOCOL_TLSv1 \ | 26 | #define TLS_PROTOCOL_TLSv1 \ |
| 27 | (TLS_PROTOCOL_TLSv1_0|TLS_PROTOCOL_TLSv1_1|TLS_PROTOCOL_TLSv1_2) | 27 | (TLS_PROTOCOL_TLSv1_0|TLS_PROTOCOL_TLSv1_1|TLS_PROTOCOL_TLSv1_2) |
| 28 | #define TLS_PROTOCOLS_DEFAULT TLS_PROTOCOL_TLSv1 | 28 | |
| 29 | #define TLS_PROTOCOLS_ALL TLS_PROTOCOL_TLSv1 | ||
| 30 | #define TLS_PROTOCOLS_DEFAULT TLS_PROTOCOL_TLSv1_2 | ||
| 29 | 31 | ||
| 30 | #define TLS_READ_AGAIN -2 | 32 | #define TLS_READ_AGAIN -2 |
| 31 | #define TLS_WRITE_AGAIN -3 | 33 | #define TLS_WRITE_AGAIN -3 |