vshabanov
commented
1 year ago Thank you, now available in HsOpenSSL-0.11.7.6
Closed BeowulfDragon closed 1 year ago
vshabanov
commented
1 year ago Thank you, now available in HsOpenSSL-0.11.7.6
This commit adds various options from
ssl.htoOptions.hsc, as it has not been updated since 2015, and is missing various options that have been added over the years.All the changes are just adding new options. If an option is not defined for 1.1.1 (the oldest supported version at time of writing) then it is wrapped in an
#if defined(). Any options that do not have any effect any more have been marked with a documentation comment, and any options that were missing but do not have any effect in 1.1.1 or later have not been added.It is worth noting that while options for disabling TLS 1.1, 1.2, and 1.3 and DTLS 1 and 1.2 have been added, these options have been deprecated since OpenSSL 1.1.0 in favour of
SSL_CTX_set_min_proto_versionandSSL_CTX_set_max_proto_version. However, since these functions are not currently defined in HsOpenSSL, and I do not feel confident in adding them myself at this moment, they have been added in this commit anyway, with a documentation comment as a warning.