On Wed, Feb 06, 2019 at 02:05:27PM -0800, Hal Murray via devel wrote: > > float mintls = 1.2; /* minimum TLS version allowed */ > float maxtls; /* maximum TLS version allowed */ > > Floats? The API to OpenSSL doesn't work in floats. We'll have to translate > those to something useful. I'd like to push that back to ntp_config. > > From /usr/include/openssl/tls1.h > # define TLS1_VERSION 0x0301 > # define TLS1_1_VERSION 0x0302 > # define TLS1_2_VERSION 0x0303 > # define TLS1_3_VERSION 0x0304 > # define TLS_MAX_VERSION TLS1_3_VERSION > > We should initialize those slots to TLS1_2_VERSION and TLS_MAX_VERSION
Please use 0 instead of TLS_MAX_VERSION, it means the same. I've marked TLS_MAX_VERSION for deprecation. Kurt _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel