Commit 490ecc8c authored by Paul Bakker's avatar Paul Bakker
Browse files

- Added ssl_set_max_version() to set the client's maximum sent version number

parent 7eb013fa
......@@ -5,6 +5,9 @@ Features
* Added ssl_session_reset() to allow better multi-connection pools of
SSL contexts without needing to set all non-connection-specific
data and pointers again. Adapted ssl_server to use this functionality.
* Added ssl_set_max_version() to allow clients to offer a lower maximum
supported version to a server to help buggy server implementations.
(Closes ticket #36)
= Version 1.0.0 released on 2011-07-27
Features
......
......@@ -564,6 +564,16 @@ int ssl_set_dh_param_ctx( ssl_context *ssl, dhm_context *dhm_ctx );
*/
int ssl_set_hostname( ssl_context *ssl, const char *hostname );
/**
* \brief Set the maximum supported version sent from the client side
*
* \param ssl SSL context
* \param major Major version number (only SSL_MAJOR_VERSION_3 supported)
* \param minor Minor version number (SSL_MINOR_VERSION_0,
* SSL_MINOR_VERSION_1 and SSL_MINOR_VERSION_2 supported)
*/
void ssl_set_max_version( ssl_context *ssl, int major, int minor );
/**
* \brief Return the number of data bytes available to read
*
......
......@@ -51,8 +51,11 @@ static int ssl_write_client_hello( ssl_context *ssl )
ssl->major_ver = SSL_MAJOR_VERSION_3;
ssl->minor_ver = SSL_MINOR_VERSION_0;
ssl->max_major_ver = SSL_MAJOR_VERSION_3;
ssl->max_minor_ver = SSL_MINOR_VERSION_2;
if( ssl->max_major_ver == 0 && ssl->max_minor_ver == 0 )
{
ssl->max_major_ver = SSL_MAJOR_VERSION_3;
ssl->max_minor_ver = SSL_MINOR_VERSION_2;
}
/*
* 0 . 0 handshake type
......
......@@ -1920,6 +1920,12 @@ int ssl_set_hostname( ssl_context *ssl, const char *hostname )
return( 0 );
}
void ssl_set_max_version( ssl_context *ssl, int major, int minor )
{
ssl->max_major_ver = major;
ssl->max_minor_ver = minor;
}
/*
* SSL get accessors
*/
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment