diff options
| author | Nick Mathewson <nickm@torproject.org> | 2013-09-25 14:35:18 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2013-09-25 14:35:18 -0400 |
| commit | 090bff2dca81ce5c99e03cc7e73f4eab2c5ffbd1 (patch) | |
| tree | bc88305549af607e0c318fdff719a9bc5116c5d5 /src | |
| parent | 759de9f756cac3fb4034bfbbb7fd5195c0b24a34 (diff) | |
| parent | ad763a336cb3655151383172bcfa658870ad8950 (diff) | |
| download | tor-090bff2dca81ce5c99e03cc7e73f4eab2c5ffbd1.tar tor-090bff2dca81ce5c99e03cc7e73f4eab2c5ffbd1.tar.gz | |
Merge remote-tracking branch 'public/bug6055_v2_024'
Diffstat (limited to 'src')
| -rw-r--r-- | src/common/tortls.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/common/tortls.c b/src/common/tortls.c index df706b001..77ade866e 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -1241,12 +1241,15 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime, * version. Once some version of OpenSSL does TLS1.1 and TLS1.2 * renegotiation properly, we can turn them back on when built with * that version. */ +#if OPENSSL_VERSION_NUMBER < OPENSSL_V(1,0,1,'e') #ifdef SSL_OP_NO_TLSv1_2 SSL_CTX_set_options(result->ctx, SSL_OP_NO_TLSv1_2); #endif #ifdef SSL_OP_NO_TLSv1_1 SSL_CTX_set_options(result->ctx, SSL_OP_NO_TLSv1_1); #endif +#endif + /* Disable TLS tickets if they're supported. We never want to use them; * using them can make our perfect forward secrecy a little worse, *and* * create an opportunity to fingerprint us (since it's unusual to use them |