diff options
author | Andreas Kotes <count@flatline.de> | 2014-04-15 13:06:58 +0200 |
---|---|---|
committer | Andreas Kotes <count@flatline.de> | 2014-04-15 13:06:58 +0200 |
commit | 962f887a64422c8e0a7f12131d8401211ef8cd74 (patch) | |
tree | 5e3e7a0dc460d63ed4f554b54abdedd92fd2bdaa /vchat-ssl.c | |
parent | 19375e6c61bfe3bf643786b0e7318c528e4b22a0 (diff) |
allow the use of TLSv1 / TLSv1_1 again
Diffstat (limited to 'vchat-ssl.c')
-rwxr-xr-x | vchat-ssl.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/vchat-ssl.c b/vchat-ssl.c index 2b41432..0333aee 100755 --- a/vchat-ssl.c +++ b/vchat-ssl.c | |||
@@ -61,8 +61,8 @@ SSL_CTX * vc_create_sslctx( vc_x509store_t *vc_store ) | |||
61 | X509_STORE *store = NULL; | 61 | X509_STORE *store = NULL; |
62 | vc_x509verify_cb_t verify_callback = NULL; | 62 | vc_x509verify_cb_t verify_callback = NULL; |
63 | 63 | ||
64 | /* Explicitly use TLSv1_2 (or maybe later) */ | 64 | /* Explicitly use TLSv1 (or maybe later) */ |
65 | if( !(ctx = SSL_CTX_new(TLSv1_2_client_method())) ) | 65 | if( !(ctx = SSL_CTX_new(TLSv1_client_method())) ) |
66 | VC_CTX_ERR_EXIT(store, ctx); | 66 | VC_CTX_ERR_EXIT(store, ctx); |
67 | 67 | ||
68 | if( !(store = vc_x509store_create(vc_store)) ) | 68 | if( !(store = vc_x509store_create(vc_store)) ) |
@@ -70,8 +70,8 @@ SSL_CTX * vc_create_sslctx( vc_x509store_t *vc_store ) | |||
70 | 70 | ||
71 | SSL_CTX_set_cert_store(ctx, store); | 71 | SSL_CTX_set_cert_store(ctx, store); |
72 | store = NULL; | 72 | store = NULL; |
73 | /* Disable A LOT of insecure protocols explicitly */ | 73 | /* Disable some insecure protocols explicitly */ |
74 | SSL_CTX_set_options(ctx, SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1); | 74 | SSL_CTX_set_options(ctx, SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3); |
75 | SSL_CTX_set_cipher_list(ctx, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"); | 75 | SSL_CTX_set_cipher_list(ctx, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"); |
76 | 76 | ||
77 | SSL_CTX_set_verify_depth (ctx, 2); | 77 | SSL_CTX_set_verify_depth (ctx, 2); |