SSL_set_max_proto_version

SSL_CTX_SET_MIN_PROTO_... BSD Library Functions Manual SSL_CTX_SET_MIN_PROTO_...

NAME
     SSL_CTX_set_min_proto_version, SSL_CTX_set_max_proto_version,
     SSL_CTX_get_min_proto_version, SSL_CTX_get_max_proto_version,
     SSL_set_min_proto_version, SSL_set_max_proto_version,
     SSL_get_min_proto_version, SSL_get_max_proto_version — get and set minimum
     and maximum supported protocol version

SYNOPSIS
     #include <openssl/ssl.h>

     int
     SSL_CTX_set_min_proto_version(SSL_CTX *ctx, uint16_t version);

     int
     SSL_CTX_set_max_proto_version(SSL_CTX *ctx, uint16_t version);

     int
     SSL_CTX_get_min_proto_version(SSL_CTX *ctx);

     int
     SSL_CTX_get_max_proto_version(SSL_CTX *ctx);

     int
     SSL_set_min_proto_version(SSL *ssl, uint16_t version);

     int
     SSL_set_max_proto_version(SSL *ssl, uint16_t version);

     int
     SSL_get_min_proto_version(SSL *ssl);

     int
     SSL_get_max_proto_version(SSL *ssl);

DESCRIPTION
     These functions get or set the minimum and maximum supported protocol
     versions for ctx or ssl.  This works in combination with the options set
     via SSL_CTX_set_options(3) that also make it possible to disable specific
     protocol versions.  Use these functions instead of disabling specific
     protocol versions.

     Setting the minimum or maximum version to 0 will enable protocol versions
     down to the lowest or up to the highest version supported by the library,
     respectively.

     Currently supported versions are TLS1_VERSION, TLS1_1_VERSION, and
     TLS1_2_VERSION for TLS and DTLS1_VERSION for DTLS.

     In other implementations, these functions may be implemented as macros.

RETURN VALUES
     The setter functions return 1 on success or 0 on failure.

     The getter functions return the configured version or 0 if ctx or ssl has
     been configured to automatically use the lowest or highest version
     supported by the library.

SEE ALSO
     ssl(3), SSL_CTX_new(3), SSL_CTX_set_options(3)

HISTORY
     The setter functions first appeared in BoringSSL in December 2014, with
     shorter names without the proto_ part.  Two years later, OpenSSL included
     them in their 1.1.0 release, gratuitously changing the names; Google
     shrugged and adopted the longer names one month later.  They have been
     available since OpenBSD 6.2.

     The getter functions first appeared in OpenSSL 1.1.0g and have been
     available since OpenBSD 6.3.

BSD                               May 12, 2020                               BSD