libp2p/go-openssl
1
0
Fork 0
mirror of https://github.com/libp2p/go-openssl.git synced 2024-12-25 23:30:06 +08:00
Code Issues Projects Releases Wiki Activity

Add Ctx.SetMinProtoVersion and Ctx.SetMaxProtoVersion wrappers

Browse Source 
- Ctx.SetMinProtoVersion wraps SSL_CTX_set_min_proto_version
- Ctx.SetMaxProtoVersion wraps SSL_CTX_set_max_proto_version
This commit is contained in:
Oleg Jukovec 2022-04-15 12:54:14 +03:00
parent 0fadeb4d38
commit 2a664981b2
3 changed files with 36 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
ctx.go
View File

@ -362,6 +362,32 @@ func (c *Ctx) LoadVerifyLocations(ca_file string, ca_path string) error {
return nil
}
type Version int
const (
SSL3_VERSION Version = C.SSL3_VERSION
TLS1_VERSION Version = C.TLS1_VERSION
TLS1_1_VERSION Version = C.TLS1_1_VERSION
TLS1_2_VERSION Version = C.TLS1_2_VERSION
TLS1_3_VERSION Version = C.TLS1_3_VERSION
DTLS1_VERSION Version = C.DTLS1_VERSION
DTLS1_2_VERSION Version = C.DTLS1_2_VERSION
)
// SetMinProtoVersion sets the minimum supported protocol version for the Ctx.
// http://www.openssl.org/docs/ssl/SSL_CTX_set_min_proto_version.html
func (c *Ctx) SetMinProtoVersion(version Version) bool {
return C.X_SSL_CTX_set_min_proto_version(
c.ctx, C.int(version)) == 1
}
// SetMaxProtoVersion sets the maximum supported protocol version for the Ctx.
// http://www.openssl.org/docs/ssl/SSL_CTX_set_max_proto_version.html
func (c *Ctx) SetMaxProtoVersion(version Version) bool {
return C.X_SSL_CTX_set_max_proto_version(
c.ctx, C.int(version)) == 1
}
type Options int
const (

8
shim.c
View File

@ -475,6 +475,14 @@ int X_SSL_CTX_new_index() {
return SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, NULL);
}
int X_SSL_CTX_set_min_proto_version(SSL_CTX *ctx, int version) {
return SSL_CTX_set_min_proto_version(ctx, version);
}
int X_SSL_CTX_set_max_proto_version(SSL_CTX *ctx, int version) {
return SSL_CTX_set_max_proto_version(ctx, version);
}
long X_SSL_CTX_set_options(SSL_CTX* ctx, long options) {
return SSL_CTX_set_options(ctx, options);
}

2
shim.h
View File

@ -67,6 +67,8 @@ extern int X_SSL_verify_cb(int ok, X509_STORE_CTX* store);
/* SSL_CTX methods */
extern int X_SSL_CTX_new_index();
extern int X_SSL_CTX_set_min_proto_version(SSL_CTX *ctx, int version);
extern int X_SSL_CTX_set_max_proto_version(SSL_CTX *ctx, int version);
extern long X_SSL_CTX_set_options(SSL_CTX* ctx, long options);
extern long X_SSL_CTX_clear_options(SSL_CTX* ctx, long options);
extern long X_SSL_CTX_get_options(SSL_CTX* ctx);