MirrorHub/construct
0
0
Fork 0
mirror of https://github.com/matrix-construct/construct synced 2025-01-16 09:36:54 +01:00
Code Issues Releases Wiki Activity

Explicitly drop SSLv3 connections (SSL_OP_NO_SSLv3) - might break TLS-capable clients that still depend on SSLv23 handshake

Browse source
This commit is contained in:
Patrick Godschalk 2014-10-26 13:15:30 +01:00
parent 2a17ae5483
commit d072eb2350
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
libratbox/src/openssl.c
View file

@ -312,7 +312,7 @@ rb_init_ssl(void)
ret = 0; ret = 0;
} }
/* Disable SSLv2, make the client use our settings */ /* Disable SSLv2, make the client use our settings */
SSL_CTX_set_options(ssl_server_ctx, SSL_OP_NO_SSLv2 | SSL_OP_CIPHER_SERVER_PREFERENCE SSL_CTX_set_options(ssl_server_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_CIPHER_SERVER_PREFERENCE
#ifdef SSL_OP_SINGLE_DH_USE #ifdef SSL_OP_SINGLE_DH_USE
| SSL_OP_SINGLE_DH_USE | SSL_OP_SINGLE_DH_USE
#endif #endif