aboutsummaryrefslogtreecommitdiff
path: root/openssl/src/ssl/connector.rs
diff options
context:
space:
mode:
authorSteven Fackler <[email protected]>2018-02-13 22:28:01 -0800
committerSteven Fackler <[email protected]>2018-02-13 22:31:37 -0800
commit276577553501164c183ebffa2accf87380dac8c0 (patch)
tree69edc8033241a039298c2cb04a28a24912d86a5b /openssl/src/ssl/connector.rs
parentMerge pull request #838 from olehermanse/master (diff)
downloadrust-openssl-276577553501164c183ebffa2accf87380dac8c0.tar.xz
rust-openssl-276577553501164c183ebffa2accf87380dac8c0.zip
OpenSSL 1.1.1 support
Diffstat (limited to 'openssl/src/ssl/connector.rs')
-rw-r--r--openssl/src/ssl/connector.rs13
1 files changed, 13 insertions, 0 deletions
diff --git a/openssl/src/ssl/connector.rs b/openssl/src/ssl/connector.rs
index 9e485ab9..9d1ceadc 100644
--- a/openssl/src/ssl/connector.rs
+++ b/openssl/src/ssl/connector.rs
@@ -206,6 +206,12 @@ impl SslAcceptor {
/// [docs]: https://wiki.mozilla.org/Security/Server_Side_TLS
pub fn mozilla_intermediate(method: SslMethod) -> Result<SslAcceptorBuilder, ErrorStack> {
let mut ctx = ctx(method)?;
+ #[cfg(ossl111)]
+ {
+ ctx.set_options(SslOptions {
+ bits: ::ffi::SSL_OP_NO_TLSv1_3,
+ });
+ }
let dh = Dh::params_from_pem(DHPARAM_PEM.as_bytes())?;
ctx.set_tmp_dh(&dh)?;
setup_curves(&mut ctx)?;
@@ -232,6 +238,13 @@ impl SslAcceptor {
/// [docs]: https://wiki.mozilla.org/Security/Server_Side_TLS
pub fn mozilla_modern(method: SslMethod) -> Result<SslAcceptorBuilder, ErrorStack> {
let mut ctx = ctx(method)?;
+ ctx.set_options(SslOptions::NO_TLSV1 | SslOptions::NO_TLSV1_1);
+ #[cfg(ossl111)]
+ {
+ ctx.set_options(SslOptions {
+ bits: ::ffi::SSL_OP_NO_TLSv1_3,
+ });
+ }
setup_curves(&mut ctx)?;
ctx.set_cipher_list(
"ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:\
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-02 02:33:05 +0000