SSL_CTX_set_min_proto_version, SSL_CTX_set_max_proto_version, SSL_CTX_get_min_proto_version, SSL_CTX_get_max_proto_version, SSL_set_min_proto_version, SSL_set_max_proto_version, SSL_get_min_proto_version, SSL_get_max_proto_version - Get and set minimum and maximum supported protocol version
#include <openssl/ssl.h> int SSL_CTX_set_min_proto_version(SSL_CTX *ctx, int version); int SSL_CTX_set_max_proto_version(SSL_CTX *ctx, int version); int SSL_CTX_get_min_proto_version(SSL_CTX *ctx); int SSL_CTX_get_max_proto_version(SSL_CTX *ctx); int SSL_set_min_proto_version(SSL *ssl, int version); int SSL_set_max_proto_version(SSL *ssl, int version); int SSL_get_min_proto_version(SSL *ssl); int SSL_get_max_proto_version(SSL *ssl);
The functions get or set the minimum and maximum supported protocol versions for the ctx or ssl. This works in combination with the options set via SSL_CTX_set_options(3) that also make it possible to disable specific protocol versions. Use these functions instead of disabling specific protocol versions.
Setting the minimum or maximum version to 0, will enable protocol versions down to the lowest version, or up to the highest version supported by the library, respectively.
Getters return 0 in case ctx or ssl have been configured to automatically use the lowest or highest version supported by the library.
Currently supported versions are SSL3_VERSION, TLS1_VERSION, TLS1_1_VERSION, TLS1_2_VERSION, TLS1_3_VERSION for TLS and DTLS1_VERSION, DTLS1_2_VERSION for DTLS.
These setter functions return 1 on success and 0 on failure. The getter functions return the configured version or 0 for auto-configuration of lowest or highest protocol, respectively.
All these functions are implemented using macros.
The setter functions were added in OpenSSL 1.1.0. The getter functions were added in OpenSSL 1.1.1.
Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at https://www.openssl.org/source/license.html.