Commit 869e978c authored by Kurt Roeckx

Allow disabling the min and max version

parent ca0004e5
+4 −1
@@ -113,7 +113,8 @@ operations are permitted.

Sets the minimum and maximum supported protocol.
Currently supported protocol values are B<SSLv3>, B<TLSv1>,
B<TLSv1.1>, B<TLSv1.2> for TLS and B<DTLSv1>, B<DTLSv1.2> for DTLS.
B<TLSv1.1>, B<TLSv1.2> for TLS and B<DTLSv1>, B<DTLSv1.2> for DTLS,
and B<None> for no limit.
If the either bound is not specified then only the other bound applies,
if specified.
To restrict the supported protocol versions use these commands rather
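Review bot: In the rewritten list sentence, "and B<None> for no limit" follows the DTLS values directly, so it can be read as a DTLS-only value rather than one that applies to both TLS and DTLS. Consider ending the list at "for DTLS." and adding a separate sentence, matching the wording used in the other two hunks of this file ("The value B<None> will disable the limit."). The context line "If the either bound is not specified" also has a stray "the" that could be fixed while this paragraph is being touched.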
@@ -275,6 +276,7 @@ This sets the minimum supported SSL, TLS or DTLS version.

Currently supported protocol values are B<SSLv3>, B<TLSv1>, B<TLSv1.1>,
B<TLSv1.2>, B<DTLSv1> and B<DTLSv1.2>.
The value B<None> will disable the limit.

=item B<MaxProtocol>

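Review bot: The sentence added under the minimum-version item says the limit is disabled but not what the effective floor becomes. Since B<SSLv3> is listed on the line above as a supported value, the text should say whether setting the minimum to B<None> brings SSLv3 back into the negotiable range, so that someone reading a configuration with None understands what it permits.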
@@ -282,6 +284,7 @@ This sets the maximum supported SSL, TLS or DTLS version.

Currently supported protocol values are B<SSLv3>, B<TLSv1>, B<TLSv1.1>,
B<TLSv1.2>, B<DTLSv1> and B<DTLSv1.2>.
The value B<None> will disable the limit.

=item B<Protocol>

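Review bot: The line added under B<MaxProtocol> does not say how B<None> differs from leaving the option unset. The first hunk in this file already states that an unspecified bound does not apply, so it would help to say here whether None is equivalent to that default and is meant for clearing a bound set earlier.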
+1 −0
@@ -332,6 +332,7 @@ static int protocol_from_string(const char *value)
        int version;
    };
    static const struct protocol_versions versions[] = {
        {"None", 0},
        {"SSLv3", SSL3_VERSION},
        {"TLSv1", TLS1_VERSION},
        {"TLSv1.1", TLS1_1_VERSION},
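Review bot: The new table entry {"None", 0} uses a bare 0 where every other row uses a named *_VERSION constant, and the "version == 0" test added to ssl_set_version_bound() in this same commit depends on that exact value. A named constant shared by both places, or at least a comment on this row saying that 0 means no bound, would keep the two from drifting apart. It is also worth confirming that 0 cannot be confused with whatever protocol_from_string() returns for an unrecognised string, which is not visible in this hunk.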
+5 −0
@@ -834,6 +834,11 @@ int ssl_check_version_downgrade(SSL *s)
 */
int ssl_set_version_bound(int method_version, int version, int *bound)
{
    if (version == 0) {
        *bound = version;
        return 1;
    }

    /*-
     * Restrict TLS methods to TLS protocol versions.
     * Restrict DTLS methods to DTLS protocol versions.
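Review bot: The new "if (version == 0)" branch at the top of ssl_set_version_bound() has no comment, while the block right after it explains its TLS/DTLS restriction. Please add a short comment saying that 0 is the "no limit" value and that it is accepted for any method_version, since this early return sits ahead of the method-specific checks. Writing "*bound = 0;" instead of "*bound = version;" would also make the intent clearer to a reader.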