diff options
Diffstat (limited to 'src/lib/libressl/ressl.c')
-rw-r--r-- | src/lib/libressl/ressl.c | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/src/lib/libressl/ressl.c b/src/lib/libressl/ressl.c index b500c83063..06c7d54cc2 100644 --- a/src/lib/libressl/ressl.c +++ b/src/lib/libressl/ressl.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ressl.c,v 1.17 2014/10/15 14:11:47 jsing Exp $ */ | 1 | /* $OpenBSD: ressl.c,v 1.18 2014/10/15 21:02:39 tedu Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> |
4 | * | 4 | * |
@@ -172,14 +172,12 @@ int | |||
172 | ressl_configure_ssl(struct ressl *ctx) | 172 | ressl_configure_ssl(struct ressl *ctx) |
173 | { | 173 | { |
174 | SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv2); | 174 | SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv2); |
175 | SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv3); | ||
175 | 176 | ||
176 | SSL_CTX_clear_options(ctx->ssl_ctx, SSL_OP_NO_SSLv3); | ||
177 | SSL_CTX_clear_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1); | 177 | SSL_CTX_clear_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1); |
178 | SSL_CTX_clear_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_1); | 178 | SSL_CTX_clear_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_1); |
179 | SSL_CTX_clear_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_2); | 179 | SSL_CTX_clear_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_2); |
180 | 180 | ||
181 | if ((ctx->config->protocols & RESSL_PROTOCOL_SSLv3) == 0) | ||
182 | SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv3); | ||
183 | if ((ctx->config->protocols & RESSL_PROTOCOL_TLSv1_0) == 0) | 181 | if ((ctx->config->protocols & RESSL_PROTOCOL_TLSv1_0) == 0) |
184 | SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1); | 182 | SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1); |
185 | if ((ctx->config->protocols & RESSL_PROTOCOL_TLSv1_1) == 0) | 183 | if ((ctx->config->protocols & RESSL_PROTOCOL_TLSv1_1) == 0) |