diff options
author | Kamil Sokolowski <Kamil.Sokolowski@motorolasolutions.com> | 2021-01-26 13:39:26 +0100 |
---|---|---|
committer | Kamil Sokolowski <Kamil.Sokolowski@motorolasolutions.com> | 2021-01-26 13:39:26 +0100 |
commit | c8da16d9e0323a261204a438844099da5680f64d (patch) | |
tree | e13da2e0bc8f6be6e75d2712dd054a8662f6865e | |
parent | d7e14aeba6630cb8bf61d5e6f8208572a092dcc2 (diff) | |
download | ATCD-c8da16d9e0323a261204a438844099da5680f64d.tar.gz |
Added support for disabling/forcing TLSv1.3
-rw-r--r-- | ACE/ace/SSL/SSL_Context.cpp | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/ACE/ace/SSL/SSL_Context.cpp b/ACE/ace/SSL/SSL_Context.cpp index badc7239546..b6bd64befbd 100644 --- a/ACE/ace/SSL/SSL_Context.cpp +++ b/ACE/ace/SSL/SSL_Context.cpp @@ -349,6 +349,17 @@ ACE_SSL_Context::filter_versions (const char* versionlist) ::SSL_CTX_set_options (this->context_, SSL_OP_NO_TLSv1_2); } #endif /* SSL_OP_NO_TLSv1_2 */ + +#if defined (SSL_OP_NO_TLSv1_3) + pos = vlist.find("tlsv1.3"); + match = pos != ACE_CString::npos && + (pos == vlist.length() - 7 || + seplist.find(vlist[pos + 7]) != ACE_CString::npos); + if (!match) + { + ::SSL_CTX_set_options(this->context_, SSL_OP_NO_TLSv1_3); + } +#endif /* SSL_OP_NO_TLSv1_3 */ return 0; } |