diff options
Diffstat (limited to 'lib/pure')
| -rw-r--r-- | lib/pure/net.nim | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/lib/pure/net.nim b/lib/pure/net.nim index f628ee056..c1896dc1c 100644 --- a/lib/pure/net.nim +++ b/lib/pure/net.nim @@ -580,6 +580,13 @@ when defineSsl: if newCTX.SSL_CTX_set_cipher_list(cipherList) != 1: raiseSSLError() + when not defined(openssl10) and not defined(libressl): + let sslVersion = getOpenSSLVersion() + if sslVersion >= 0x010101000 and not sslVersion == 0x020000000: + # In OpenSSL >= 1.1.1, TLSv1.3 cipher suites can only be configured via + # this API. + if newCTX.SSL_CTX_set_ciphersuites(cipherList) != 1: + raiseSSLError() # Automatically the best ECDH curve for client exchange. Without this, ECDH # ciphers will be ignored by the server. # |