OpenSSL: Disable TLSv1.0

This commit is contained in:
Aaron Jones 2016-12-30 17:25:34 +00:00
parent 6bcfd29624
commit e140ba71d6
No known key found for this signature in database
GPG key ID: EC6F86EE9CD840B5

View file

@ -431,6 +431,10 @@ rb_setup_ssl_server(const char *const certfile, const char *keyfile,
(void) SSL_CTX_set_options(ssl_ctx_new, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); (void) SSL_CTX_set_options(ssl_ctx_new, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
#endif #endif
#ifdef SSL_OP_NO_TLSv1
(void) SSL_CTX_set_options(ssl_ctx_new, SSL_OP_NO_TLSv1);
#endif
#ifdef SSL_OP_NO_TICKET #ifdef SSL_OP_NO_TICKET
(void) SSL_CTX_set_options(ssl_ctx_new, SSL_OP_NO_TICKET); (void) SSL_CTX_set_options(ssl_ctx_new, SSL_OP_NO_TICKET);
#endif #endif