Merge pull request #3046 from bmiklautz/tls12

tls: enable tls 1+
This commit is contained in:
Hardening 2016-01-12 20:46:53 +01:00
commit 1210421b62

View File

@ -798,7 +798,13 @@ int tls_connect(rdpTls* tls, BIO* underlying)
*/
options |= SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
if (!tls_prepare(tls, underlying, TLSv1_client_method(), options, TRUE))
/**
* disable SSLv2 and SSLv3
*/
options |= SSL_OP_NO_SSLv2;
options |= SSL_OP_NO_SSLv3;
if (!tls_prepare(tls, underlying, SSLv23_client_method(), options, TRUE))
return FALSE;
return tls_do_handshake(tls, TRUE);