summaryrefslogtreecommitdiff
path: root/tlscommon.c
diff options
context:
space:
mode:
authorLinus Nordberg <linus@nordu.net>2016-02-25 15:08:07 +0100
committerLinus Nordberg <linus@nordu.net>2016-02-25 15:08:07 +0100
commit025ef1f2343f05fa0f0fcd4cecae8ac0f3d64022 (patch)
tree9ec4823b76c7aab6a90fdf237940a825f6731ab4 /tlscommon.c
parent718cb0628a1eb036e26b8a39caf232b58f481134 (diff)
Allow TLSv1.1 and TLSv1.2.
This should in theory allow for later versions of TLS too but let's verify that when the time comes.
Diffstat (limited to 'tlscommon.c')
-rw-r--r--tlscommon.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/tlscommon.c b/tlscommon.c
index c0a6967..39eaf20 100644
--- a/tlscommon.c
+++ b/tlscommon.c
@@ -203,7 +203,8 @@ static SSL_CTX *tlscreatectx(uint8_t type, struct tls *conf) {
switch (type) {
#ifdef RADPROT_TLS
case RAD_TLS:
- ctx = SSL_CTX_new(TLSv1_method());
+ ctx = SSL_CTX_new(SSLv23_method());
+ SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
#ifdef DEBUG
SSL_CTX_set_info_callback(ctx, ssl_info_callback);
#endif