From e94ab10e14edd2f6ca021cb2c77b9f9031665452 Mon Sep 17 00:00:00 2001
From: Koichiro IWAO <meta@vmeta.jp>
Date: Tue, 13 Dec 2016 15:49:13 +0900
Subject: TLS: new method to specify SSL/TLS version

SSL/TLS protocols only listed in ssl_protocols should be used.
The name "ssl_protocols" comes from nginx.

Resolves #428.
---
 common/trans.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'common/trans.c')

diff --git a/common/trans.c b/common/trans.c
index 4beaa56e..8f2c4376 100644
--- a/common/trans.c
+++ b/common/trans.c
@@ -882,7 +882,7 @@ trans_get_out_s(struct trans *self, int size)
 /* returns error */
 int APP_CC
 trans_set_tls_mode(struct trans *self, const char *key, const char *cert,
-                   int disableSSLv3, const char *tls_ciphers)
+                   long ssl_protocols, const char *tls_ciphers)
 {
     self->tls = ssl_tls_create(self, key, cert);
     if (self->tls == NULL)
@@ -891,7 +891,7 @@ trans_set_tls_mode(struct trans *self, const char *key, const char *cert,
         return 1;
     }
 
-    if (ssl_tls_accept(self->tls, disableSSLv3, tls_ciphers) != 0)
+    if (ssl_tls_accept(self->tls, ssl_protocols, tls_ciphers) != 0)
     {
         g_writeln("trans_set_tls_mode: ssl_tls_accept failed");
         return 1;
-- 
cgit v1.2.1