diff options
Diffstat (limited to 'src/lib/libtls/tls.c')
-rw-r--r-- | src/lib/libtls/tls.c | 10 |
1 files changed, 3 insertions, 7 deletions
diff --git a/src/lib/libtls/tls.c b/src/lib/libtls/tls.c index 8444169bdc..fdb994d733 100644 --- a/src/lib/libtls/tls.c +++ b/src/lib/libtls/tls.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: tls.c,v 1.97 2023/06/18 11:43:03 op Exp $ */ | 1 | /* $OpenBSD: tls.c,v 1.98 2023/07/02 06:37:27 beck Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> |
4 | * | 4 | * |
@@ -520,16 +520,12 @@ tls_configure_ssl(struct tls *ctx, SSL_CTX *ssl_ctx) | |||
520 | 520 | ||
521 | SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2); | 521 | SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2); |
522 | SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv3); | 522 | SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv3); |
523 | SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TLSv1); | ||
524 | SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TLSv1_1); | ||
523 | 525 | ||
524 | SSL_CTX_clear_options(ssl_ctx, SSL_OP_NO_TLSv1); | ||
525 | SSL_CTX_clear_options(ssl_ctx, SSL_OP_NO_TLSv1_1); | ||
526 | SSL_CTX_clear_options(ssl_ctx, SSL_OP_NO_TLSv1_2); | 526 | SSL_CTX_clear_options(ssl_ctx, SSL_OP_NO_TLSv1_2); |
527 | SSL_CTX_clear_options(ssl_ctx, SSL_OP_NO_TLSv1_3); | 527 | SSL_CTX_clear_options(ssl_ctx, SSL_OP_NO_TLSv1_3); |
528 | 528 | ||
529 | if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_0) == 0) | ||
530 | SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TLSv1); | ||
531 | if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_1) == 0) | ||
532 | SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TLSv1_1); | ||
533 | if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_2) == 0) | 529 | if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_2) == 0) |
534 | SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TLSv1_2); | 530 | SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TLSv1_2); |
535 | if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_3) == 0) | 531 | if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_3) == 0) |