diff options
author | Tatsuya Kinoshita <tats@debian.org> | 2021-02-10 11:15:54 +0000 |
---|---|---|
committer | Tatsuya Kinoshita <tats@debian.org> | 2021-02-10 12:51:44 +0000 |
commit | 4f4d692321384b4d2fb1ceeadbcf4e03d64cf92d (patch) | |
tree | 3185cc4239fb1fd43032d89a853f1649b091f746 /rc.c | |
parent | New option ssl_cipher to specify ciphers for TLSv1.2 and below (diff) | |
download | w3m-4f4d692321384b4d2fb1ceeadbcf4e03d64cf92d.tar.gz w3m-4f4d692321384b4d2fb1ceeadbcf4e03d64cf92d.zip |
New option ssl_min_version for OpenSSL 1.1
Diffstat (limited to '')
-rw-r--r-- | rc.c | 7 |
1 files changed, 7 insertions, 0 deletions
@@ -205,6 +205,9 @@ static int OptionEncode = FALSE; #define CMT_SSL_CA_FILE N_("File consisting of PEM encoded certificates of CAs") #endif /* USE_SSL_VERIFY */ #define CMT_SSL_FORBID_METHOD N_("List of forbidden SSL methods (2: SSLv2, 3: SSLv3, t: TLSv1.0, 5: TLSv1.1, 6: TLSv1.2, 7: TLSv1.3)") +#ifdef SSL_CTX_set_min_proto_version +#define CMT_SSL_MIN_VERSION N_("Minimum SSL version (TLSv1.0, TLSv1.1, TLSv1.2, or TLSv1.3)") +#endif #define CMT_SSL_CIPHER N_("SSL ciphers for TLSv1.2 and below (e.g. DEFAULT:@SECLEVEL=2)") #endif /* USE_SSL */ #ifdef USE_COOKIE @@ -613,6 +616,10 @@ struct param_ptr params6[] = { struct param_ptr params7[] = { {"ssl_forbid_method", P_STRING, PI_TEXT, (void *)&ssl_forbid_method, CMT_SSL_FORBID_METHOD, NULL}, +#ifdef SSL_CTX_set_min_proto_version + {"ssl_min_version", P_STRING, PI_TEXT, (void *)&ssl_min_version, + CMT_SSL_MIN_VERSION, NULL}, +#endif {"ssl_cipher", P_STRING, PI_TEXT, (void *)&ssl_cipher, CMT_SSL_CIPHER, NULL}, #ifdef USE_SSL_VERIFY |