diff options
Diffstat (limited to 'src/lib/libressl/ressl.c')
| -rw-r--r-- | src/lib/libressl/ressl.c | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/src/lib/libressl/ressl.c b/src/lib/libressl/ressl.c index f01448b8f4..516afa53d6 100644 --- a/src/lib/libressl/ressl.c +++ b/src/lib/libressl/ressl.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ressl.c,v 1.14 2014/09/28 14:45:48 reyk Exp $ */ | 1 | /* $OpenBSD: ressl.c,v 1.15 2014/09/29 15:11:29 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -168,6 +168,23 @@ err: | |||
| 168 | return (1); | 168 | return (1); |
| 169 | } | 169 | } |
| 170 | 170 | ||
| 171 | int | ||
| 172 | ressl_configure_ssl(struct ressl *ctx) | ||
| 173 | { | ||
| 174 | SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv2); | ||
| 175 | |||
| 176 | if ((ctx->config->protocols & RESSL_PROTOCOL_SSLv3) == 0) | ||
| 177 | SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv3); | ||
| 178 | if ((ctx->config->protocols & RESSL_PROTOCOL_TLSv1_0) == 0) | ||
| 179 | SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1); | ||
| 180 | if ((ctx->config->protocols & RESSL_PROTOCOL_TLSv1_1) == 0) | ||
| 181 | SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_1); | ||
| 182 | if ((ctx->config->protocols & RESSL_PROTOCOL_TLSv1_2) == 0) | ||
| 183 | SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_2); | ||
| 184 | |||
| 185 | return (0); | ||
| 186 | } | ||
| 187 | |||
| 171 | void | 188 | void |
| 172 | ressl_free(struct ressl *ctx) | 189 | ressl_free(struct ressl *ctx) |
| 173 | { | 190 | { |