Allow TLSv1.1 and TLSv1.2.

This should in theory allow for later versions of TLS too but let's verify that when the time comes.
author: Linus Nordberg <linus@nordu.net> 2016-02-25 15:08:07 +0100
committer: Linus Nordberg <linus@nordu.net> 2016-02-25 15:09:01 +0100
commit: 3e3123b55ee484f7a67f8dc4b74f58836b5ffb78 (patch)
tree: 222dec3ba82a850134953daaa9f9859c8236b952
parent: 8beb0c6820d280aa9ca793329b26e8610a69a932 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/tlscommon.c b/tlscommon.c
index 13a140a..9af5d81 100644
--- a/tlscommon.c
+++ b/tlscommon.c
@@ -208,7 +208,8 @@ static SSL_CTX *tlscreatectx(uint8_t type, struct tls *conf) {
     switch (type) {
 #ifdef RADPROT_TLS
     case RAD_TLS:
-	ctx = SSL_CTX_new(TLSv1_method());
+	ctx = SSL_CTX_new(SSLv23_method());
+        SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
 #ifdef DEBUG
 	SSL_CTX_set_info_callback(ctx, ssl_info_callback);
 #endif
author	Linus Nordberg <linus@nordu.net>	2016-02-25 15:08:07 +0100
committer	Linus Nordberg <linus@nordu.net>	2016-02-25 15:09:01 +0100
commit	3e3123b55ee484f7a67f8dc4b74f58836b5ffb78 (patch)
tree	222dec3ba82a850134953daaa9f9859c8236b952
parent	8beb0c6820d280aa9ca793329b26e8610a69a932 (diff)