Mercurial > hg > nginx
comparison src/event/ngx_event_openssl.c @ 6981:08dc60979133
SSL: added support for TLSv1.3 in ssl_protocols directive.
Support for the TLSv1.3 protocol will be introduced in OpenSSL 1.1.1.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Tue, 18 Apr 2017 15:12:38 +0300 |
| parents | 5cb85b0ee00b |
| children | ac9b1df5b246 |
comparison
equal
deleted
inserted
replaced
| 6980:dbb0c854e308 | 6981:08dc60979133 |
|---|---|
| 319 #endif | 319 #endif |
| 320 #ifdef SSL_OP_NO_TLSv1_2 | 320 #ifdef SSL_OP_NO_TLSv1_2 |
| 321 SSL_CTX_clear_options(ssl->ctx, SSL_OP_NO_TLSv1_2); | 321 SSL_CTX_clear_options(ssl->ctx, SSL_OP_NO_TLSv1_2); |
| 322 if (!(protocols & NGX_SSL_TLSv1_2)) { | 322 if (!(protocols & NGX_SSL_TLSv1_2)) { |
| 323 SSL_CTX_set_options(ssl->ctx, SSL_OP_NO_TLSv1_2); | 323 SSL_CTX_set_options(ssl->ctx, SSL_OP_NO_TLSv1_2); |
| 324 } | |
| 325 #endif | |
| 326 #ifdef SSL_OP_NO_TLSv1_3 | |
| 327 SSL_CTX_clear_options(ssl->ctx, SSL_OP_NO_TLSv1_3); | |
| 328 if (!(protocols & NGX_SSL_TLSv1_3)) { | |
| 329 SSL_CTX_set_options(ssl->ctx, SSL_OP_NO_TLSv1_3); | |
| 324 } | 330 } |
| 325 #endif | 331 #endif |
| 326 | 332 |
| 327 #ifdef SSL_OP_NO_COMPRESSION | 333 #ifdef SSL_OP_NO_COMPRESSION |
| 328 SSL_CTX_set_options(ssl->ctx, SSL_OP_NO_COMPRESSION); | 334 SSL_CTX_set_options(ssl->ctx, SSL_OP_NO_COMPRESSION); |