diff options
author | Johnny Willemsen <jwillemsen@remedy.nl> | 2021-01-26 15:26:34 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-01-26 15:26:34 +0100 |
commit | be2df3244a3cfb5070fa8b5f93c90d9e81d6edf1 (patch) | |
tree | d5a54c1ef52d7128b6fea252f378f9c6162928c4 | |
parent | d7e14aeba6630cb8bf61d5e6f8208572a092dcc2 (diff) | |
parent | de06b15490fe52f0bd712ab5dbe2ab7879c81382 (diff) | |
download | ATCD-be2df3244a3cfb5070fa8b5f93c90d9e81d6edf1.tar.gz |
Merge pull request #1427 from KamilSoko/disable_TLSv13_support
Added support for disabling/forcing TLSv1.3
-rw-r--r-- | ACE/ace/SSL/SSL_Context.cpp | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/ACE/ace/SSL/SSL_Context.cpp b/ACE/ace/SSL/SSL_Context.cpp index badc7239546..3fff8fa365e 100644 --- a/ACE/ace/SSL/SSL_Context.cpp +++ b/ACE/ace/SSL/SSL_Context.cpp @@ -349,6 +349,17 @@ ACE_SSL_Context::filter_versions (const char* versionlist) ::SSL_CTX_set_options (this->context_, SSL_OP_NO_TLSv1_2); } #endif /* SSL_OP_NO_TLSv1_2 */ + +#if defined (SSL_OP_NO_TLSv1_3) + pos = vlist.find("tlsv1.3"); + match = pos != ACE_CString::npos && + (pos == vlist.length() - 7 || + seplist.find(vlist[pos + 7]) != ACE_CString::npos); + if (!match) + { + ::SSL_CTX_set_options(this->context_, SSL_OP_NO_TLSv1_3); + } +#endif /* SSL_OP_NO_TLSv1_3 */ return 0; } |