diff options
Diffstat (limited to 'src/ssl_context.c')
| -rw-r--r-- | src/ssl_context.c | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/src/ssl_context.c b/src/ssl_context.c new file mode 100644 index 0000000..03ce58a --- /dev/null +++ b/src/ssl_context.c @@ -0,0 +1,34 @@ +#include "ucspissl.h" + +SSL_CTX *ssl_context(const SSL_METHOD *m) +{ + SSL_CTX *ctx; + + SSL_library_init(); + ctx = SSL_CTX_new(m); +#ifdef SSL_TWEAKING + SSL_CTX_set_options(ctx,SSL_OP_SINGLE_DH_USE|SSL_OP_NO_COMPRESSION|SSL_OP_CIPHER_SERVER_PREFERENCE); +#else + SSL_CTX_set_options(ctx,SSL_OP_SINGLE_DH_USE); +#endif +#ifdef SSLv2_DISABLE + SSL_CTX_set_options(ctx,SSL_OP_NO_SSLv2); +#endif +#ifdef SSLv3_DISABLE + SSL_CTX_set_options(ctx,SSL_OP_NO_SSLv3); +#endif +#ifdef TLSv1_DISABLE + SSL_CTX_set_options(ctx,SSL_OP_NO_TLSv1); +#endif +#ifdef TLSv1_1_DISABLE + SSL_CTX_set_options(ctx,SSL_OP_NO_TLSv1_1); +#endif +#ifdef TLSv1_2_DISABLE + SSL_CTX_set_options(ctx,SSL_OP_NO_TLSv1_2); +#endif +#ifdef TLSv1_3_DISABLE + SSL_CTX_set_options(ctx,SSL_OP_NO_TLSv1_3); +#endif + return ctx; +} + |