| author | Rich Burridge <rich.burridge@oracle.com> |
| Tue, 14 Mar 2017 13:18:47 -0700 | |
| changeset 7747 | 83e42ef0155e |
| parent 5559 | a6efae0791c0 |
| permissions | -rw-r--r-- |
|
3636
ca7fe1fad4ea
20352128 links should be delivered 64-bit.
Rich Burridge <rich.burridge@oracle.com>
parents:
3591
diff
changeset
|
1 |
Disable SSLv2 and SSLv3 in links to "mitigate POODLE vulnerability". |
|
3591
76362dc58c44
20231094 problem in UTILITY/LINKS
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
2 |
|
|
76362dc58c44
20231094 problem in UTILITY/LINKS
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
3 |
This change will be passed upstream. |
|
76362dc58c44
20231094 problem in UTILITY/LINKS
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
4 |
|
|
7747
83e42ef0155e
25654409 Update links to version 2.14
Rich Burridge <rich.burridge@oracle.com>
parents:
5559
diff
changeset
|
5 |
--- https.c.orig 2017-03-01 16:33:15.504062101 +0000 |
|
83e42ef0155e
25654409 Update links to version 2.14
Rich Burridge <rich.burridge@oracle.com>
parents:
5559
diff
changeset
|
6 |
+++ https.c 2017-03-01 16:33:47.467654008 +0000 |
|
83e42ef0155e
25654409 Update links to version 2.14
Rich Burridge <rich.burridge@oracle.com>
parents:
5559
diff
changeset
|
7 |
@@ -114,7 +114,7 @@ |
|
83e42ef0155e
25654409 Update links to version 2.14
Rich Burridge <rich.burridge@oracle.com>
parents:
5559
diff
changeset
|
8 |
#ifndef SSL_OP_NO_COMPRESSION |
|
83e42ef0155e
25654409 Update links to version 2.14
Rich Burridge <rich.burridge@oracle.com>
parents:
5559
diff
changeset
|
9 |
#define SSL_OP_NO_COMPRESSION 0 |
|
83e42ef0155e
25654409 Update links to version 2.14
Rich Burridge <rich.burridge@oracle.com>
parents:
5559
diff
changeset
|
10 |
#endif |
|
83e42ef0155e
25654409 Update links to version 2.14
Rich Burridge <rich.burridge@oracle.com>
parents:
5559
diff
changeset
|
11 |
- SSL_CTX_set_options(context, SSL_OP_ALL | SSL_OP_NO_COMPRESSION); |
|
83e42ef0155e
25654409 Update links to version 2.14
Rich Burridge <rich.burridge@oracle.com>
parents:
5559
diff
changeset
|
12 |
+ SSL_CTX_set_options(context, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION); |
|
83e42ef0155e
25654409 Update links to version 2.14
Rich Burridge <rich.burridge@oracle.com>
parents:
5559
diff
changeset
|
13 |
#ifdef SSL_MODE_ENABLE_PARTIAL_WRITE |
|
83e42ef0155e
25654409 Update links to version 2.14
Rich Burridge <rich.burridge@oracle.com>
parents:
5559
diff
changeset
|
14 |
SSL_CTX_set_mode(context, SSL_MODE_ENABLE_PARTIAL_WRITE); |
|
83e42ef0155e
25654409 Update links to version 2.14
Rich Burridge <rich.burridge@oracle.com>
parents:
5559
diff
changeset
|
15 |
#endif |