Skip to content

Commit

Permalink
set min proto depend on method
Browse files Browse the repository at this point in the history
  • Loading branch information
@sreimers
sreimers committed Sep 9, 2023
1 parent 6e32f71 commit 1f5ddcc
Showing 1 changed file with 7 additions and 3 deletions.
10 changes: 7 additions & 3 deletions src/tls/openssl/tls.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -236,6 +236,7 @@ int tls_alloc(struct tls **tlsp, enum tls_method method, const char *keyfile,
{
struct tls *tls;
int r, err;
int min_proto = 0;

if (!tlsp)
return EINVAL;
Expand All @@ -250,6 +251,7 @@ int tls_alloc(struct tls **tlsp, enum tls_method method, const char *keyfile,
case TLS_METHOD_TLS:
case TLS_METHOD_SSLV23:
tls->ctx = SSL_CTX_new(TLS_method());
min_proto = TLS1_2_VERSION;
break;

case TLS_METHOD_DTLS:
Expand All @@ -270,9 +272,11 @@ int tls_alloc(struct tls **tlsp, enum tls_method method, const char *keyfile,
goto out;
}

err = tls_set_min_proto_version(tls, TLS1_2_VERSION);
if (err) {
goto out;
if (min_proto) {
err = tls_set_min_proto_version(tls, min_proto);
if (err) {
goto out;
}
}

#if defined(TRACE_SSL)
Expand Down

0 comments on commit 1f5ddcc

Please sign in to comment.