author | John Beck <John.Beck@Oracle.COM> |
Fri, 09 Sep 2016 13:08:45 -0700 | |
changeset 6889 | 83e26eb7e42b |
parent 5559 | a6efae0791c0 |
child 7747 | 83e42ef0155e |
permissions | -rw-r--r-- |
3636
ca7fe1fad4ea
20352128 links should be delivered 64-bit.
Rich Burridge <rich.burridge@oracle.com>
parents:
3591
diff
changeset
|
1 |
Disable SSLv2 and SSLv3 in links to "mitigate POODLE vulnerability". |
3591
76362dc58c44
20231094 problem in UTILITY/LINKS
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
2 |
|
76362dc58c44
20231094 problem in UTILITY/LINKS
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
3 |
This change will be passed upstream. |
76362dc58c44
20231094 problem in UTILITY/LINKS
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
4 |
|
5559
a6efae0791c0
22862684 Update links to version 2.12
Rich Burridge <rich.burridge@oracle.com>
parents:
3636
diff
changeset
|
5 |
--- https.c.orig 2016-03-02 16:24:33.763060204 -0800 |
a6efae0791c0
22862684 Update links to version 2.12
Rich Burridge <rich.burridge@oracle.com>
parents:
3636
diff
changeset
|
6 |
+++ https.c 2016-03-02 16:25:14.036046032 -0800 |
a6efae0791c0
22862684 Update links to version 2.12
Rich Burridge <rich.burridge@oracle.com>
parents:
3636
diff
changeset
|
7 |
@@ -100,7 +100,7 @@ |
a6efae0791c0
22862684 Update links to version 2.12
Rich Burridge <rich.burridge@oracle.com>
parents:
3636
diff
changeset
|
8 |
if (!m) return NULL; |
3636
ca7fe1fad4ea
20352128 links should be delivered 64-bit.
Rich Burridge <rich.burridge@oracle.com>
parents:
3591
diff
changeset
|
9 |
context = SSL_CTX_new((void *)m); |
ca7fe1fad4ea
20352128 links should be delivered 64-bit.
Rich Burridge <rich.burridge@oracle.com>
parents:
3591
diff
changeset
|
10 |
if (!context) return NULL; |
5559
a6efae0791c0
22862684 Update links to version 2.12
Rich Burridge <rich.burridge@oracle.com>
parents:
3636
diff
changeset
|
11 |
- SSL_CTX_set_options(context, SSL_OP_ALL); |
3591
76362dc58c44
20231094 problem in UTILITY/LINKS
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
12 |
+ SSL_CTX_set_options(context, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); |
5559
a6efae0791c0
22862684 Update links to version 2.12
Rich Burridge <rich.burridge@oracle.com>
parents:
3636
diff
changeset
|
13 |
if (ssl_set_private_paths()) |
a6efae0791c0
22862684 Update links to version 2.12
Rich Burridge <rich.burridge@oracle.com>
parents:
3636
diff
changeset
|
14 |
SSL_CTX_set_default_verify_paths(context); |
a6efae0791c0
22862684 Update links to version 2.12
Rich Burridge <rich.burridge@oracle.com>
parents:
3636
diff
changeset
|
15 |
SSL_CTX_set_default_passwd_cb(context, ssl_password_callback); |