NAME
SSL_CTX_set_min_proto_version
,
SSL_CTX_set_max_proto_version
,
SSL_set_min_proto_version
,
SSL_set_max_proto_version
—
set minimum and maximum supported
protocol version
SYNOPSIS
#include
<openssl/ssl.h>
int
SSL_CTX_set_min_proto_version
(SSL_CTX
*ctx, uint16_t version);
int
SSL_CTX_set_max_proto_version
(SSL_CTX
*ctx, uint16_t version);
int
SSL_set_min_proto_version
(SSL
*ssl, uint16_t version);
int
SSL_set_max_proto_version
(SSL
*ssl, uint16_t version);
DESCRIPTION
These functions set the minimum and maximum supported protocol versions for ctx or ssl. This works in combination with the options set via SSL_CTX_set_options(3) that also make it possible to disable specific protocol versions. Use these functions instead of disabling specific protocol versions.
Setting the minimum or maximum version to 0 will enable protocol versions down to the lowest or up to the highest version supported by the library, respectively.
Currently supported versions are TLS1_VERSION, TLS1_1_VERSION, and TLS1_2_VERSION for TLS and DTLS1_VERSION for DTLS.
RETURN VALUES
These functions return 1 on success or 0 on failure.
SEE ALSO
HISTORY
These functions first appeared in OpenSSL 1.1.0 and have been available since OpenBSD 6.2.