summaryrefslogtreecommitdiffstats
path: root/ssl.c
diff options
context:
space:
mode:
authorDmitry Malkin <dmitry@bedrocksystems.com>2023-10-27 11:16:49 +0200
committerGerd Hoffmann <kraxel@redhat.com>2023-10-27 12:33:06 +0200
commited5da502cbb150982ad982211ad9475414b8689a (patch)
tree8c1593c64647c985cfe53e551205702de4d20018 /ssl.c
parenta3894c77b620329dfa12981df33e1e4cd909a3b3 (diff)
downloadamtterm-ed5da502cbb150982ad982211ad9475414b8689a.tar.gz
enable TLSv1.2 support with legacy renegotiation
Diffstat (limited to 'ssl.c')
-rw-r--r--ssl.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/ssl.c b/ssl.c
index 122a157..0f92fd8 100644
--- a/ssl.c
+++ b/ssl.c
@@ -76,7 +76,7 @@ struct ctx *sslinit(int fd,char *cacert)
SSL_load_error_strings();
SSL_library_init();
- if(!(ctx->ctx=SSL_CTX_new(SSLv23_client_method())))
+ if(!(ctx->ctx=SSL_CTX_new(TLSv1_2_client_method())))
{
ERR_print_errors_fp(stderr);
goto err1;
@@ -84,7 +84,7 @@ struct ctx *sslinit(int fd,char *cacert)
#if OPENSSL_VERSION_NUMBER >= 0x1000100FL
SSL_CTX_set_options(ctx->ctx,
- SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1_2);
+ SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
#endif
if(!SSL_CTX_load_verify_locations(ctx->ctx,cacert,NULL))
generated by cgit (git 2.34.1) at 2025-02-22 22:51:55 +0000