mirror of
https://github.com/matrix-construct/construct
synced 2024-12-28 16:34:13 +01:00
Explicitly drop SSLv3 connections (SSL_OP_NO_SSLv3) - might break TLS-capable clients that still depend on SSLv23 handshake
This commit is contained in:
Patrick Godschalk
parent
2a17ae5483
commit
d072eb2350
1 changed files with 1 additions and 1 deletions
|
|
@ -312,7 +312,7 @@ rb_init_ssl(void)
|
|||
ret = 0;
|
||||
}
|
||||
/* Disable SSLv2, make the client use our settings */
|
||||
SSL_CTX_set_options(ssl_server_ctx, SSL_OP_NO_SSLv2 | SSL_OP_CIPHER_SERVER_PREFERENCE
|
||||
SSL_CTX_set_options(ssl_server_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_CIPHER_SERVER_PREFERENCE
|
||||
#ifdef SSL_OP_SINGLE_DH_USE
|
||||
| SSL_OP_SINGLE_DH_USE
|
||||
#endif
|
||||
|
|
|
|||
Loading…
Reference in a new issue