ssl_version=(p1)
public
Sets the SSL/TLS protocol version
for the context. This forces connections to use only the specified protocol
version.
You can get a list of valid versions with OpenSSL::SSL::SSLContext::METHODS
static VALUE
ossl_sslctx_set_ssl_version(VALUE self, VALUE ssl_method)
{
SSL_CTX *ctx;
const char *s;
VALUE m = ssl_method;
int i;
GetSSLCTX(self, ctx);
if (RB_TYPE_P(ssl_method, T_SYMBOL))
m = rb_sym2str(ssl_method);
s = StringValueCStr(m);
for (i = 0; i < numberof(ossl_ssl_method_tab); i++) {
if (strcmp(ossl_ssl_method_tab[i].name, s) == 0) {
#if defined(HAVE_SSL_CTX_SET_MIN_PROTO_VERSION)
int version = ossl_ssl_method_tab[i].version;
#endif
SSL_METHOD *method = ossl_ssl_method_tab[i].func();
if (SSL_CTX_set_ssl_version(ctx, method) != 1)
ossl_raise(eSSLError, "SSL_CTX_set_ssl_version");
#if defined(HAVE_SSL_CTX_SET_MIN_PROTO_VERSION)
if (!SSL_CTX_set_min_proto_version(ctx, version))
ossl_raise(eSSLError, "SSL_CTX_set_min_proto_version");
if (!SSL_CTX_set_max_proto_version(ctx, version))
ossl_raise(eSSLError, "SSL_CTX_set_max_proto_version");
#endif
return ssl_method;
}
}
ossl_raise(rb_eArgError, "unknown SSL method `%"PRIsVALUE"'.", m);
}