From 9f045ae53b83164f4915638eb2828a6b69c56469 Mon Sep 17 00:00:00 2001
From: deuce <>
Date: Fri, 24 Jan 2020 18:38:37 +0000
Subject: [PATCH] Comment out TLS 1.2 minver.  Too many existing things don't
 support 1.2.

We don't need PCI DSS compliance I hope, we just want people doing things.
---
 src/sbbs3/websrvr.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/sbbs3/websrvr.c b/src/sbbs3/websrvr.c
index dcb98a9df8..7840f21610 100644
--- a/src/sbbs3/websrvr.c
+++ b/src/sbbs3/websrvr.c
@@ -6298,7 +6298,7 @@ void http_session_thread(void* arg)
 		BOOL nodelay=TRUE;
 		setsockopt(session.socket,IPPROTO_TCP,TCP_NODELAY,(char*)&nodelay,sizeof(nodelay));
 
-		HANDLE_CRYPT_CALL(cryptSetAttribute(session.tls_sess, CRYPT_SESSINFO_SSL_OPTIONS, CRYPT_SSLOPTION_MINVER_TLS12), &session, "setting TLS minver to 1.2");
+		//HANDLE_CRYPT_CALL(cryptSetAttribute(session.tls_sess, CRYPT_SESSINFO_SSL_OPTIONS, CRYPT_SSLOPTION_MINVER_TLS12), &session, "setting TLS minver to 1.2");
 		HANDLE_CRYPT_CALL(cryptSetAttribute(session.tls_sess, CRYPT_SESSINFO_NETWORKSOCKET, session.socket), &session, "setting network socket");
 		if (!HANDLE_CRYPT_CALL(cryptSetAttribute(session.tls_sess, CRYPT_SESSINFO_ACTIVE, 1), &session, "setting session active")) {
 			unlock_ssl_cert();
-- 
GitLab