add version 0.12.10HEAD master

author: Jannis Hoffmann <jannis@fehcom.de> 2024-07-14 21:28:19 +0200
committer: Jannis Hoffmann <jannis@fehcom.de> 2024-07-14 21:28:19 +0200
commit: 1087d4df2a7342d2832ba3bab1843bf4a3040775 (patch)
tree: 96cd6ea198cc542f29c0660d5e5f7083af84d711 /src/ssl_context.c
1 files changed, 34 insertions, 0 deletions
diff --git a/src/ssl_context.c b/src/ssl_context.c
new file mode 100644
index 0000000..03ce58a
--- /dev/null
+++ b/src/ssl_context.c
@@ -0,0 +1,34 @@
+#include "ucspissl.h"
+
+SSL_CTX *ssl_context(const SSL_METHOD *m)
+{
+  SSL_CTX *ctx;
+
+  SSL_library_init();
+  ctx = SSL_CTX_new(m);
+#ifdef SSL_TWEAKING
+  SSL_CTX_set_options(ctx,SSL_OP_SINGLE_DH_USE|SSL_OP_NO_COMPRESSION|SSL_OP_CIPHER_SERVER_PREFERENCE);
+#else
+  SSL_CTX_set_options(ctx,SSL_OP_SINGLE_DH_USE);
+#endif
+#ifdef SSLv2_DISABLE
+  SSL_CTX_set_options(ctx,SSL_OP_NO_SSLv2);
+#endif
+#ifdef SSLv3_DISABLE
+  SSL_CTX_set_options(ctx,SSL_OP_NO_SSLv3);
+#endif
+#ifdef TLSv1_DISABLE
+  SSL_CTX_set_options(ctx,SSL_OP_NO_TLSv1);
+#endif
+#ifdef TLSv1_1_DISABLE
+  SSL_CTX_set_options(ctx,SSL_OP_NO_TLSv1_1);
+#endif
+#ifdef TLSv1_2_DISABLE
+  SSL_CTX_set_options(ctx,SSL_OP_NO_TLSv1_2);
+#endif
+#ifdef TLSv1_3_DISABLE
+  SSL_CTX_set_options(ctx,SSL_OP_NO_TLSv1_3);
+#endif
+  return ctx;
+}
+
author	Jannis Hoffmann <jannis@fehcom.de>	2024-07-14 21:28:19 +0200
committer	Jannis Hoffmann <jannis@fehcom.de>	2024-07-14 21:28:19 +0200
commit	1087d4df2a7342d2832ba3bab1843bf4a3040775 (patch)
tree	96cd6ea198cc542f29c0660d5e5f7083af84d711 /src/ssl_context.c