This repository has been archived by the owner on Jan 7, 2023. It is now read-only.

Add Ctx.SetMinProtoVersion and Ctx.SetMaxProtoVersion wrappers #27

Merged
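--- a/ctx.go
+++ b/ctx.go
@@ -362,6 +362,32 @@ func (c *Ctx) LoadVerifyLocations(ca_file string, ca_path string) error {
 return nil
 }
 
+type Version int
+
+const (
+SSL3_VERSION Version = C.SSL3_VERSION
+TLS1_VERSION Version = C.TLS1_VERSION
+TLS1_1_VERSION Version = C.TLS1_1_VERSION
+TLS1_2_VERSION Version = C.TLS1_2_VERSION
+TLS1_3_VERSION Version = C.TLS1_3_VERSION
+DTLS1_VERSION Version = C.DTLS1_VERSION
+DTLS1_2_VERSION Version = C.DTLS1_2_VERSION
+)
+
+// SetMinProtoVersion sets the minimum supported protocol version for the Ctx.
+// http://www.openssl.org/docs/ssl/SSL_CTX_set_min_proto_version.html
+func (c *Ctx) SetMinProtoVersion(version Version) bool {
+return C.X_SSL_CTX_set_min_proto_version(
+c.ctx, C.int(version)) == 1
+}
+
+// SetMaxProtoVersion sets the maximum supported protocol version for the Ctx.
+// http://www.openssl.org/docs/ssl/SSL_CTX_set_max_proto_version.html
+func (c *Ctx) SetMaxProtoVersion(version Version) bool {
+return C.X_SSL_CTX_set_max_proto_version(
+c.ctx, C.int(version)) == 1
+}
+
 type Options int
 
 const (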
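Review bot: `SetMinProtoVersion` and `SetMaxProtoVersion` report failure only through a `bool`, which a caller can discard without any compiler or vet warning; if the call fails or the result is ignored, the context presumably keeps the protocol range it had before, so an intended floor such as `TLS1_2_VERSION` is silently not enforced. Returning `error`, as `LoadVerifyLocations` in the hunk header does, would make that hard to miss, e.g. `func (c *Ctx) SetMinProtoVersion(version Version) error`. If the `bool` stays, the doc comments should at least say `// It returns false if the version could not be set; callers must check the result.` It is also worth documenting that a `Version` of 0 asks OpenSSL for the lowest (or highest) version the library supports, and that `SSL3_VERSION` should not be chosen as a minimum.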
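--- a/shim.c
+++ b/shim.c
@@ -475,6 +475,14 @@ int X_SSL_CTX_new_index() {
 return SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, NULL);
 }
 
+int X_SSL_CTX_set_min_proto_version(SSL_CTX *ctx, int version) {
+return SSL_CTX_set_min_proto_version(ctx, version);
+}
+
+int X_SSL_CTX_set_max_proto_version(SSL_CTX *ctx, int version) {
+return SSL_CTX_set_max_proto_version(ctx, version);
+}
+
 long X_SSL_CTX_set_options(SSL_CTX* ctx, long options) {
 return SSL_CTX_set_options(ctx, options);
 }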
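Review bot: The two new wrappers call `SSL_CTX_set_min_proto_version` and `SSL_CTX_set_max_proto_version` unconditionally, but those were only introduced in OpenSSL 1.1.0, and `TLS1_3_VERSION`, referenced from ctx.go in this same change, only in 1.1.1. The page does not show which OpenSSL versions this shim is meant to build against; if older headers are still supported, the build will break there. In that case guard the bodies with `#if OPENSSL_VERSION_NUMBER >= 0x10100000L` and `return 0;` in the `#else` branch, so the Go side reports failure instead of the package failing to compile. Either way, a comment above the wrappers stating the minimum OpenSSL version they require would help.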
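--- a/shim.h
+++ b/shim.h
@@ -67,6 +67,8 @@ extern int X_SSL_verify_cb(int ok, X509_STORE_CTX* store);
 
 /* SSL_CTX methods */
 extern int X_SSL_CTX_new_index();
+extern int X_SSL_CTX_set_min_proto_version(SSL_CTX *ctx, int version);
+extern int X_SSL_CTX_set_max_proto_version(SSL_CTX *ctx, int version);
 extern long X_SSL_CTX_set_options(SSL_CTX* ctx, long options);
 extern long X_SSL_CTX_clear_options(SSL_CTX* ctx, long options);
 extern long X_SSL_CTX_get_options(SSL_CTX* ctx);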