diff options
| author | tedu <> | 2014-10-20 21:24:06 +0000 |
|---|---|---|
| committer | tedu <> | 2014-10-20 21:24:06 +0000 |
| commit | 404d8b0257aff75d468f7bf4abb396fa8bbdfbc6 (patch) | |
| tree | 85139a01d8cfe7e5e77a048b9b187dab4618ec9f | |
| parent | 2229ac41c5a152b45c7b6f756b7fc765186d8758 (diff) | |
| download | openbsd-404d8b0257aff75d468f7bf4abb396fa8bbdfbc6.tar.gz openbsd-404d8b0257aff75d468f7bf4abb396fa8bbdfbc6.tar.bz2 openbsd-404d8b0257aff75d468f7bf4abb396fa8bbdfbc6.zip | |
disable SSLv3 by default. all agreed.
| -rw-r--r-- | src/lib/libssl/src/ssl/ssl_lib.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/lib/libssl/src/ssl/ssl_lib.c b/src/lib/libssl/src/ssl/ssl_lib.c index 6b62713bca..e1f7605898 100644 --- a/src/lib/libssl/src/ssl/ssl_lib.c +++ b/src/lib/libssl/src/ssl/ssl_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_lib.c,v 1.78 2014/07/12 22:33:39 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_lib.c,v 1.78.4.1 2014/10/20 21:24:05 tedu Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1823,6 +1823,9 @@ SSL_CTX_new(const SSL_METHOD *meth) | |||
| 1823 | */ | 1823 | */ |
| 1824 | ret->options |= SSL_OP_LEGACY_SERVER_CONNECT; | 1824 | ret->options |= SSL_OP_LEGACY_SERVER_CONNECT; |
| 1825 | 1825 | ||
| 1826 | /* Disable SSLv3 by default. */ | ||
| 1827 | ret->options |= SSL_OP_NO_SSLv3; | ||
| 1828 | |||
| 1826 | return (ret); | 1829 | return (ret); |
| 1827 | err: | 1830 | err: |
| 1828 | SSLerr(SSL_F_SSL_CTX_NEW, | 1831 | SSLerr(SSL_F_SSL_CTX_NEW, |