Extend ssl_forbid_method for TLSv1.2 and TLSv1.3

author: Tatsuya Kinoshita <tats@debian.org> 2020-03-11 10:33:34 +0000
committer: Tatsuya Kinoshita <tats@debian.org> 2020-03-11 10:33:34 +0000
commit: 91953baf07be4516df7464e7e806c4e280f62d54 (patch)
tree: fcc1bceac436156f058dee4945ca5db3ebea0ad3
parent: Update ChangeLog (diff)
download: w3m-91953baf07be4516df7464e7e806c4e280f62d54.tar.gz
w3m-91953baf07be4516df7464e7e806c4e280f62d54.zip
1 files changed, 10 insertions, 0 deletions
diff --git a/url.c b/url.c
index aab7b9d..a9e4108 100644
--- a/url.c
+++ b/url.c
@@ -344,8 +344,18 @@ openSSLHandle(int sock, char *hostname, char **p_cert)
 		option |= SSL_OP_NO_TLSv1;
 	    if (strchr(ssl_forbid_method, '4'))
 		option |= SSL_OP_NO_TLSv1;
+#ifdef SSL_OP_NO_TLSv1_1
 	    if (strchr(ssl_forbid_method, '5'))
 		option |= SSL_OP_NO_TLSv1_1;
+#endif
+#ifdef SSL_OP_NO_TLSv1_2
+	    if (strchr(ssl_forbid_method, '6'))
+		option |= SSL_OP_NO_TLSv1_2;
+#endif
+#ifdef SSL_OP_NO_TLSv1_3
+	    if (strchr(ssl_forbid_method, '7'))
+		option |= SSL_OP_NO_TLSv1_3;
+#endif
 	}
 #ifdef SSL_OP_NO_COMPRESSION
 	option |= SSL_OP_NO_COMPRESSION;
author	Tatsuya Kinoshita <tats@debian.org>	2020-03-11 10:33:34 +0000
committer	Tatsuya Kinoshita <tats@debian.org>	2020-03-11 10:33:34 +0000
commit	91953baf07be4516df7464e7e806c4e280f62d54 (patch)
tree	fcc1bceac436156f058dee4945ca5db3ebea0ad3
parent	Update ChangeLog (diff)
download	w3m-91953baf07be4516df7464e7e806c4e280f62d54.tar.gz w3m-91953baf07be4516df7464e7e806c4e280f62d54.zip