Hi,
So looking at the code your currently have:
method=((!protocol || !*protocol)
? NULL:
strcmp(protocol, "SSL3") == 0
? SSLv3_method():
strcmp(protocol, "SSL23") == 0
? SSLv23_method():
strcmp(protocol, "TLSv1") == 0
? TLSv1_method():
#ifdef HAVE_TLSV1_1_METHOD
strcmp(protocol, "TLSv1.1") == 0
? TLSv1_1_method():
#endif
#ifdef HAVE_TLSV1_2_METHOD
strcmp(protocol, "TLSv1.2") == 0
? TLSv1_2_method():
#endif
NULL);
if (!method)
{
method=SSLv23_method();
options|=SSL_OP_NO_SSLv2;
}
The SSLv23_* methods are the only ones that support multiple
protocol versions, SSLv3_* has just been removed in unstable.
The others will be removed in the future, so I suggest you only
use the SSLv23_method(). If you want to disable protocols I
suggest you do it with the options like the SSL_OP_NO_SSLv2 you
already have there.
Kurt
