Skip to content

Commit 5bc11c0

Browse files
nachonacho
committed
Do not enforce a tls version but let it negotiate it
1 parent 48c4247 commit 5bc11c0

File tree

2 files changed

+2
-16
lines changed

2 files changed

+2
-16
lines changed

tls/openssl/gtlsclientconnection-openssl.c

Lines changed: 1 addition & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -416,14 +416,7 @@ g_tls_client_connection_openssl_initable_init (GInitable *initable,
416416
return FALSE;
417417
}
418418

419-
options = SSL_OP_NO_TICKET |
420-
SSL_OP_NO_SSLv2 |
421-
SSL_OP_NO_SSLv3 |
422-
SSL_OP_NO_TLSv1;
423-
424-
#if OPENSSL_VERSION_NUMBER >= 0x10001000L
425-
options |= SSL_OP_NO_TLSv1_1;
426-
#endif
419+
options = SSL_OP_NO_TICKET;
427420

428421
/* Only TLS 1.2 or higher */
429422
SSL_CTX_set_options (priv->ssl_ctx, options);

tls/openssl/gtlsserverconnection-openssl.c

Lines changed: 1 addition & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -239,14 +239,7 @@ g_tls_server_connection_openssl_initable_init (GInitable *initable,
239239
return FALSE;
240240
}
241241

242-
options = SSL_OP_NO_TICKET |
243-
SSL_OP_NO_SSLv2 |
244-
SSL_OP_NO_SSLv3 |
245-
SSL_OP_NO_TLSv1;
246-
247-
#if OPENSSL_VERSION_NUMBER >= 0x10001000L
248-
options |= SSL_OP_NO_TLSv1_1;
249-
#endif
242+
options = SSL_OP_NO_TICKET;
250243

251244
/* Only TLS 1.2 or higher */
252245
SSL_CTX_set_options (priv->ssl_ctx, options);

0 commit comments

Comments
 (0)