diff --git a/src/core/properties/signed.c b/src/core/properties/signed.c index b0703e1..1f3537d 100644 --- a/src/core/properties/signed.c +++ b/src/core/properties/signed.c @@ -49,42 +49,42 @@ return (int) lib3270_get_ssl_state(hSession); } - static int lib3270_set_ssl_minimum_supported_version(H3270 *hSession, int value) + static int lib3270_set_ssl_minimum_protocol_version(H3270 *hSession, int value) { #ifdef HAVE_LIBSSL FAIL_IF_ONLINE(hSession); - hSession->ssl.supported_version.minimum = value; + hSession->ssl.protocol.min_version = value; return 0; #else return ENOTSUP; #endif // HAVE_LIBSSL } - static int lib3270_set_ssl_maximum_supported_version(H3270 *hSession, int value) + static int lib3270_set_ssl_maximum_protocol_version(H3270 *hSession, int value) { #ifdef HAVE_LIBSSL FAIL_IF_ONLINE(hSession); - hSession->ssl.supported_version.maximum = value; + hSession->ssl.protocol.max_version = value; return 0; #else return ENOTSUP; #endif // HAVE_LIBSSL } - static int lib3270_get_ssl_minimum_supported_version(const H3270 *hSession) + static int lib3270_get_ssl_minimum_protocol_version(const H3270 *hSession) { #ifdef HAVE_LIBSSL - return hSession->ssl.supported_version.minimum; + return hSession->ssl.protocol.min_version; #else errno = ENOTSUP; return 0; #endif // HAVE_LIBSSL } - static int lib3270_get_ssl_maximum_supported_version(const H3270 *hSession) + static int lib3270_get_ssl_maximum_protocol_version(const H3270 *hSession) { #ifdef HAVE_LIBSSL - return hSession->ssl.supported_version.maximum; + return hSession->ssl.protocol.max_version; #else errno = ENOTSUP; return 0; @@ -118,19 +118,19 @@ }, { - .name = "ssl_minimum_version", // Property name. - .description = N_( "ID of the minimum supported SSL version" ), // Property description. + .name = "ssl_min_protocol_version", // Property name. + .description = N_( "ID of the minimum supported SSL protocol version" ), // Property description. .default_value = 0, - .get = lib3270_get_ssl_minimum_supported_version, // Get value. - .set = lib3270_set_ssl_minimum_supported_version // Set value. + .get = lib3270_get_ssl_minimum_protocol_version, // Get value. + .set = lib3270_set_ssl_minimum_protocol_version // Set value. }, { - .name = "ssl_maximum_version", // Property name. - .description = N_( "ID of the maximum supported SSL version" ), // Property description. + .name = "ssl_max_protocol_version", // Property name. + .description = N_( "ID of the maximum supported SSL protocol version" ), // Property description. .default_value = 0, - .get = lib3270_get_ssl_maximum_supported_version, // Get value. - .set = lib3270_set_ssl_maximum_supported_version // Set value. + .get = lib3270_get_ssl_maximum_protocol_version, // Get value. + .set = lib3270_set_ssl_maximum_protocol_version // Set value. }, { diff --git a/src/core/session.c b/src/core/session.c index f00dda4..60bd8a3 100644 --- a/src/core/session.c +++ b/src/core/session.c @@ -411,8 +411,8 @@ H3270 * lib3270_session_new(const char *model) hSession->id = 0; #ifdef HAVE_LIBSSL - hSession->ssl.supported_version.minimum = 0; - hSession->ssl.supported_version.maximum = 0; + hSession->ssl.protocol.min_version = 0; + hSession->ssl.protocol.max_version = 0; #endif // HAVE_LIBSSL #ifdef SSL_ENABLE_CRL_CHECK diff --git a/src/include/internals.h b/src/include/internals.h index a8a7106..d4ce6cc 100644 --- a/src/include/internals.h +++ b/src/include/internals.h @@ -665,9 +665,9 @@ struct _h3270 struct { - int minimum; ///< @brief The minimum supported protocol version. - int maximum; ///< @brief The maximum supported protocol version. - } supported_version; + int min_version; ///< @brief The minimum supported protocol version. + int max_version; ///< @brief The maximum supported protocol version. + } protocol; #ifdef SSL_ENABLE_CRL_CHECK struct diff --git a/src/ssl/negotiate.c b/src/ssl/negotiate.c index 91bfc63..cc1e886 100644 --- a/src/ssl/negotiate.c +++ b/src/ssl/negotiate.c @@ -150,6 +150,18 @@ static int background_ssl_negotiation(H3270 *hSession, void *message) } /* Set up the TLS/SSL connection. */ + if(hSession->ssl.protocol.min_version) + { + trace_ssl(hSession,"Minimum protocol version set to %d\n",hSession->ssl.protocol.min_version); + SSL_set_min_proto_version(hSession->ssl.con,hSession->ssl.protocol.min_version); + } + + if(hSession->ssl.protocol.max_version) + { + trace_ssl(hSession,"Maximum protocol version set to %d\n",hSession->ssl.protocol.max_version); + SSL_set_max_proto_version(hSession->ssl.con,hSession->ssl.protocol.max_version); + } + if(SSL_set_fd(hSession->ssl.con, hSession->connection.sock) != 1) { trace_ssl(hSession,"%s","SSL_set_fd failed!\n"); -- libgit2 0.21.2