Allow TLS protocols higher than TLS10.

nielsb · bvanassche · commit 8570eb2b40dd · 2023-12-01T16:37:53.000-08:00
Modern TLS versions will not connect using these old versions.
diff --git a/snmplib/transports/snmpTLSTCPDomain.c b/snmplib/transports/snmpTLSTCPDomain.c
@@ -719,7 +719,7 @@ netsnmp_tlstcp_open_client(netsnmp_transport *t)
     }
 
 #ifdef SSL_CTX_set_max_proto_version
-    SSL_CTX_set_max_proto_version(tlsdata->ssl_context, TLS1_VERSION);
+    SSL_CTX_set_max_proto_version(tlsdata->ssl_context, 0);
 #endif
 
     /* RFC5953 Section 5.3.1:  Establishing a Session as a Client
@@ -919,7 +919,7 @@ netsnmp_tlstcp_open_server(netsnmp_transport *t)
     tlsdata->ssl_context = sslctx_server_setup(TLS_method());
 #ifdef SSL_CTX_set_max_proto_version
     if (tlsdata->ssl_context)
-        SSL_CTX_set_max_proto_version(tlsdata->ssl_context, TLS1_VERSION);
+        SSL_CTX_set_max_proto_version(tlsdata->ssl_context, 0);
 #endif
 
     t->sock = BIO_get_fd(tlsdata->accept_bio, NULL);
