From 0211c1396ff6d4dc401cabef56c2af3202f043f9 Mon Sep 17 00:00:00 2001 From: jsing <> Date: Mon, 29 Sep 2014 15:11:29 +0000 Subject: Add an option that allows the enabled SSL protocols to be explicitly configured. Discussed with several. ok bcook@ --- src/lib/libressl/ressl_internal.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'src/lib/libressl/ressl_internal.h') diff --git a/src/lib/libressl/ressl_internal.h b/src/lib/libressl/ressl_internal.h index 02dded3e7e..f37b5718d9 100644 --- a/src/lib/libressl/ressl_internal.h +++ b/src/lib/libressl/ressl_internal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ressl_internal.h,v 1.10 2014/08/27 10:46:53 reyk Exp $ */ +/* $OpenBSD: ressl_internal.h,v 1.11 2014/09/29 15:11:29 jsing Exp $ */ /* * Copyright (c) 2014 Jeremie Courreges-Anglas * Copyright (c) 2014 Joel Sing @@ -36,6 +36,7 @@ struct ressl_config { const char *key_file; char *key_mem; size_t key_len; + uint32_t protocols; int verify; int verify_depth; }; @@ -63,6 +64,7 @@ struct ressl *ressl_server_conn(struct ressl *ctx); int ressl_check_hostname(X509 *cert, const char *host); int ressl_configure_keypair(struct ressl *ctx); int ressl_configure_server(struct ressl *ctx); +int ressl_configure_ssl(struct ressl *ctx); int ressl_host_port(const char *hostport, char **host, char **port); int ressl_set_error(struct ressl *ctx, char *fmt, ...); -- cgit v1.2.3-55-g6feb