1=pod 2 3=head1 NAME 4 5SSL_CTX_set_min_proto_version, SSL_CTX_set_max_proto_version, 6SSL_CTX_get_min_proto_version, SSL_CTX_get_max_proto_version, 7SSL_set_min_proto_version, SSL_set_max_proto_version, 8SSL_get_min_proto_version, SSL_get_max_proto_version - Get and set minimum 9and maximum supported protocol version 10 11=head1 SYNOPSIS 12 13 #include <openssl/ssl.h> 14 15 int SSL_CTX_set_min_proto_version(SSL_CTX *ctx, int version); 16 int SSL_CTX_set_max_proto_version(SSL_CTX *ctx, int version); 17 int SSL_CTX_get_min_proto_version(SSL_CTX *ctx); 18 int SSL_CTX_get_max_proto_version(SSL_CTX *ctx); 19 20 int SSL_set_min_proto_version(SSL *ssl, int version); 21 int SSL_set_max_proto_version(SSL *ssl, int version); 22 int SSL_get_min_proto_version(SSL *ssl); 23 int SSL_get_max_proto_version(SSL *ssl); 24 25=head1 DESCRIPTION 26 27The functions get or set the minimum and maximum supported protocol versions 28for the B<ctx> or B<ssl>. 29This works in combination with the options set via 30L<SSL_CTX_set_options(3)> that also make it possible to disable 31specific protocol versions. 32Use these functions instead of disabling specific protocol versions. 33 34Setting the minimum or maximum version to 0 (default), will enable protocol 35versions down to the lowest version, or up to the highest version 36supported by the library, respectively. The supported versions might be 37controlled by system configuration. 38 39Getters return 0 in case B<ctx> or B<ssl> have been configured to 40automatically use the lowest or highest version supported by the library. 41 42Currently supported versions are B<SSL3_VERSION>, B<TLS1_VERSION>, 43B<TLS1_1_VERSION>, B<TLS1_2_VERSION>, B<TLS1_3_VERSION> for TLS and 44B<DTLS1_VERSION>, B<DTLS1_2_VERSION> for DTLS. 45 46In the current version of OpenSSL only QUICv1 is supported in conjunction with 47TLSv1.3. Calling these functions on a QUIC object has no effect. 48 49=head1 RETURN VALUES 50 51These setter functions return 1 on success and 0 on failure. The getter 52functions return the configured version or 0 for auto-configuration of 53lowest or highest protocol, respectively. 54 55=head1 NOTES 56 57All these functions are implemented using macros. 58 59=head1 SEE ALSO 60 61L<ssl(7)>, 62L<SSL_CTX_set_options(3)>, L<SSL_CONF_cmd(3)> 63 64=head1 HISTORY 65 66The setter functions were added in OpenSSL 1.1.0. The getter functions 67were added in OpenSSL 1.1.1. 68 69=head1 COPYRIGHT 70 71Copyright 2016-2025 The OpenSSL Project Authors. All Rights Reserved. 72 73Licensed under the Apache License 2.0 (the "License"). You may not use 74this file except in compliance with the License. You can obtain a copy 75in the file LICENSE in the source distribution or at 76L<https://www.openssl.org/source/license.html>. 77 78=cut 79