disabled tlsv1

core/ssl.c

@@ -231,6 +231,10 @@ SSL_CTX *uwsgi_ssl_new_server_context(char *name, char *crt, char *key, char *ci
 		ssloptions |= SSL_OP_NO_SSLv3;
 	}
 
+	if (!uwsgi.tlsv1) {
+		ssloptions |= SSL_OP_NO_TLSv1;
+	}
+
 // release/reuse buffers as soon as possible
 #ifdef SSL_MODE_RELEASE_BUFFERS
         SSL_CTX_set_mode(ctx, SSL_MODE_RELEASE_BUFFERS);

core/uwsgi.c

@@ -716,6 +716,8 @@ static struct uwsgi_option uwsgi_base_options[] = {
 	{"sni-dir", required_argument, 0, "check for cert/key/client_ca file in the specified directory and create a sni/ssl context on demand", uwsgi_opt_set_str, &uwsgi.sni_dir, 0},
 	{"sni-dir-ciphers", required_argument, 0, "set ssl ciphers for sni-dir option", uwsgi_opt_set_str, &uwsgi.sni_dir_ciphers, 0},
 	{"ssl-enable3", no_argument, 0, "enable SSLv3 (insecure)", uwsgi_opt_true, &uwsgi.sslv3, 0},
+	{"ssl-enable-sslv3", no_argument, 0, "enable SSLv3 (insecure)", uwsgi_opt_true, &uwsgi.sslv3, 0},
+	{"ssl-enable-tlsv1", no_argument, 0, "enable TLSv1 (insecure)", uwsgi_opt_true, &uwsgi.tlsv1, 0},
 	{"ssl-option", no_argument, 0, "set a raw ssl option (numeric value)", uwsgi_opt_add_string_list, &uwsgi.ssl_options, 0},
 #ifdef UWSGI_PCRE
 	{"sni-regexp", required_argument, 0, "add an SNI-governed SSL context (the key is a regexp)", uwsgi_opt_sni, NULL, 0},

plugins/python/uwsgi_pymodule.c

@@ -1569,7 +1569,7 @@ PyObject *py_uwsgi_spooler_dir(PyObject * self, PyObject * args) {
 
 	for (;spooler;spooler=spooler->next) {
 		if (uwsgi.mypid == spooler->pid) {
-			if (spooler->dir) return PyString_FromString(spooler->dir);
+			if (spooler->dir > 0) return PyString_FromString(spooler->dir);
 			Py_INCREF(Py_None);
 			return Py_None;
 		}

uwsgi.h

@@ -2850,6 +2850,10 @@ struct uwsgi_server {
 	int ssl_verify_depth;
 #endif
 
+#ifdef UWSGI_SSL
+	int tlsv1;
+#endif
+
 	size_t response_header_limit;
 
 	// uWSGI 2.1