TLS: new method to specify SSL/TLS version

SSL/TLS protocols only listed in ssl_protocols should be used. The name "ssl_protocols" comes from nginx. Resolves #428.
author: Koichiro IWAO <meta@vmeta.jp> 2016-12-13 15:49:13 +0900
committer: metalefty <meta@vmeta.jp> 2017-02-27 14:17:25 +0900
commit: e94ab10e14edd2f6ca021cb2c77b9f9031665452 (patch)
tree: 135cc7231f151da007081c6b1ca4798a846c74c6 /common/trans.c
parent: 657f6f3756f883e2a5899eaff9e0e59c4bc67995 (diff)
download: xrdp-proprietary-e94ab10e14edd2f6ca021cb2c77b9f9031665452.tar.gz
xrdp-proprietary-e94ab10e14edd2f6ca021cb2c77b9f9031665452.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/common/trans.c b/common/trans.c
index 4beaa56e..8f2c4376 100644
--- a/common/trans.c
+++ b/common/trans.c
@@ -882,7 +882,7 @@ trans_get_out_s(struct trans *self, int size)
 /* returns error */
 int APP_CC
 trans_set_tls_mode(struct trans *self, const char *key, const char *cert,
-                   int disableSSLv3, const char *tls_ciphers)
+                   long ssl_protocols, const char *tls_ciphers)
 {
     self->tls = ssl_tls_create(self, key, cert);
     if (self->tls == NULL)
@@ -891,7 +891,7 @@ trans_set_tls_mode(struct trans *self, const char *key, const char *cert,
         return 1;
     }
 
-    if (ssl_tls_accept(self->tls, disableSSLv3, tls_ciphers) != 0)
+    if (ssl_tls_accept(self->tls, ssl_protocols, tls_ciphers) != 0)
     {
         g_writeln("trans_set_tls_mode: ssl_tls_accept failed");
         return 1;
author	Koichiro IWAO <meta@vmeta.jp>	2016-12-13 15:49:13 +0900
committer	metalefty <meta@vmeta.jp>	2017-02-27 14:17:25 +0900
commit	e94ab10e14edd2f6ca021cb2c77b9f9031665452 (patch)
tree	135cc7231f151da007081c6b1ca4798a846c74c6 /common/trans.c
parent	657f6f3756f883e2a5899eaff9e0e59c4bc67995 (diff)
download	xrdp-proprietary-e94ab10e14edd2f6ca021cb2c77b9f9031665452.tar.gz xrdp-proprietary-e94ab10e14edd2f6ca021cb2c77b9f9031665452.zip