TLS version should not be configurable. it's deprecated in openssl

include/libtorrent/aux_/openssl.hpp

@@ -101,9 +101,6 @@ TORRENT_EXTRA_EXPORT GENERAL_NAME* openssl_general_name_value(GENERAL_NAMES* gen
 
 #endif // OPENSSL_VERSION_NUMBER
 
-// converts setting_pack::ssl_version_t enum into asio version
-ssl::context::method ssl_version(int const v);
-
 } // aux
 } // libtorrent
 

include/libtorrent/config.hpp

@@ -568,14 +568,6 @@ constexpr std::size_t TORRENT_WRITE_HANDLER_MAX_SIZE = 342;
 #endif
 #endif // TORRENT_HAS_ARM_CRC32
 
-#ifndef TORRENT_USE_TLS13
-#if BOOST_VERSION >= 106900
-#define TORRENT_USE_TLS13 1
-#else
-#define TORRENT_USE_TLS13 0
-#endif
-#endif
-
 namespace libtorrent {}
 
 // create alias

include/libtorrent/settings_pack.hpp

@@ -1752,12 +1752,6 @@ namespace aux {
 			// lower than 5 minutes.
 			upnp_lease_duration,
 
-			// the SSL/TLS version to use for HTTPS trackers and SSL torrents. Set
-			// it to one of the ssl_version_t values. This setting only takes
-			// effect when passed in to the session constructor. It cannot be
-			// changed once the session has been constructed.
-			ssl_version,
-
 			max_int_setting_internal
 		};
 
@@ -1771,18 +1765,6 @@ namespace aux {
 
 		enum suggest_mode_t : std::uint8_t { no_piece_suggestions = 0, suggest_read_cache = 1 };
 
-		enum ssl_version_t : std::uint8_t
-		{
-			// TLS version 1.1
-			tls11,
-			// TLS version 1.2
-			tls12,
-#if TORRENT_USE_TLS13
-			// TLS version 1.3
-			tls13,
-#endif
-		};
-
 		enum choking_algorithm_t : std::uint8_t
 		{
 			fixed_slots_choker = 0,

src/openssl.cpp

@@ -76,21 +76,6 @@ GENERAL_NAME* openssl_general_name_value(GENERAL_NAMES* gens, int i)
 
 #endif // OPENSSL_VERSION_NUMBER
 
-ssl::context::method ssl_version(int const v)
-{
-	switch (v)
-	{
-		case settings_pack::tls11: return ssl::context::tlsv11;
-		case settings_pack::tls12: return ssl::context::tlsv12;
-#if TORRENT_USE_TLS13
-		case settings_pack::tls13: return ssl::context::tlsv13;
-		default: return ssl::context::tlsv13;
-#else
-		default: return ssl::context::tlsv12;
-#endif
-	};
-}
-
 #endif // TORRENT_USE_OPENSSL
 
 }

src/session_impl.cpp

@@ -454,8 +454,8 @@ namespace aux {
 		: m_settings(pack)
 		, m_io_service(ios)
 #ifdef TORRENT_USE_OPENSSL
-		, m_ssl_ctx(ssl_version(pack.get_int(settings_pack::ssl_version)))
-		, m_peer_ssl_ctx(ssl_version(pack.get_int(settings_pack::ssl_version)))
+		, m_ssl_ctx(ssl::context::tls_client)
+		, m_peer_ssl_ctx(ssl::context::tls)
 #endif
 		, m_alerts(m_settings.get_int(settings_pack::alert_queue_size)
 			, alert_category_t{static_cast<unsigned int>(m_settings.get_int(settings_pack::alert_mask))})

src/settings_pack.cpp

@@ -351,11 +351,6 @@ constexpr int CLOSE_FILE_INTERVAL = 0;
 		SET(resolver_cache_timeout, 1200, &session_impl::update_resolver_cache_timeout),
 		SET(send_not_sent_low_watermark, 16384, nullptr),
 		SET(upnp_lease_duration, 3600, nullptr),
-#if TORRENT_USE_TLS13
-		SET(ssl_version, settings_pack::tls13, nullptr),
-#else
-		SET(ssl_version, settings_pack::tls12, nullptr),
-#endif
 	}});
 
 #undef SET

src/torrent.cpp

@@ -1642,8 +1642,7 @@ bool is_downloading_state(int const st)
 		// create the SSL context for this torrent. We need to
 		// inject the root certificate, and no other, to
 		// verify other peers against
-		std::unique_ptr<context> ctx(new context(
-			aux::ssl_version(settings().get_int(settings_pack::ssl_version))));
+		std::unique_ptr<context> ctx(new context(context::tls));
 
 		if (!ctx)
 		{

test/settings.cpp

@@ -87,9 +87,6 @@ lt::settings_pack settings()
 	pack.set_int(settings_pack::half_open_limit, 1);
 #endif
 
-	// to be compatible with python
-	pack.set_int(settings_pack::ssl_version, settings_pack::tls12);
-
 	return pack;
 }