openssl: force TLS v1.2 instead of v1

author Felix Fietkau <nbd@openwrt.org>

Sun, 21 Feb 2016 08:10:46 +0000 (09:10 +0100)

committer Felix Fietkau <nbd@openwrt.org>

Sun, 21 Feb 2016 08:10:50 +0000 (09:10 +0100)
author Felix Fietkau <nbd@openwrt.org>
Sun, 21 Feb 2016 08:10:46 +0000 (09:10 +0100)
committer Felix Fietkau <nbd@openwrt.org>
Sun, 21 Feb 2016 08:10:50 +0000 (09:10 +0100)
diff --git a/ustream-openssl.c b/ustream-openssl.c

index 0d4a8fffc42126beadc64b35e00503039befc6f4..4a3f0a27aa51008ac8047ea3853e70324ed1278c 100644 (file)
--- a/ustream-openssl.c
+++ b/ustream-openssl.c
@@ -42,9 +42,9 @@ __ustream_ssl_context_new(bool server)
                 m = SSLv23_client_method();
  #else
         if (server)
-               m = TLSv1_server_method();
+               m = TLSv1_2_server_method();
         else
-               m = TLSv1_client_method();
+               m = TLSv1_2_client_method();
  #endif
  
         c = SSL_CTX_new((void *) m);
author	Felix Fietkau <nbd@openwrt.org>
	Sun, 21 Feb 2016 08:10:46 +0000 (09:10 +0100)
committer	Felix Fietkau <nbd@openwrt.org>
	Sun, 21 Feb 2016 08:10:50 +0000 (09:10 +0100)