From f43083c6a9d5d9e66d42e7cd0b698b7eb1ecf822 Mon Sep 17 00:00:00 2001
From: Holger Weiss <holger@zedat.fu-berlin.de>
Date: Sun, 4 Oct 2015 23:28:35 +0200
Subject: check_http: Allow for requesting TLSv1.1/TLSv1.2

check_http's -S/--ssl option now allows for requesting the TLSv1.1 and
TLSv1.2 protocols.  Apart from that, a '+' suffix can be appended in
oder to also accept newer protocols than the specified version.

Closes #1338, and closes #1354, and closes #1359.
---
 plugins/netutils.h | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'plugins/netutils.h')

diff --git a/plugins/netutils.h b/plugins/netutils.h
index c6fce901..2766029e 100644
--- a/plugins/netutils.h
+++ b/plugins/netutils.h
@@ -91,6 +91,16 @@ RETSIGTYPE socket_timeout_alarm_handler (int) __attribute__((noreturn));
 
 /* SSL-Related functionality */
 #ifdef HAVE_SSL
+#  define MP_SSLv2 1
+#  define MP_SSLv3 2
+#  define MP_TLSv1 3
+#  define MP_TLSv1_1 4
+#  define MP_TLSv1_2 5
+#  define MP_SSLv2_OR_NEWER 6
+#  define MP_SSLv3_OR_NEWER 7
+#  define MP_TLSv1_OR_NEWER 8
+#  define MP_TLSv1_1_OR_NEWER 9
+#  define MP_TLSv1_2_OR_NEWER 10
 /* maybe this could be merged with the above np_net_connect, via some flags */
 int np_net_ssl_init(int sd);
 int np_net_ssl_init_with_hostname(int sd, char *host_name);
-- 
cgit v1.2.3-74-g34f1