Mercurial Mercurial > upstream > oracle > userland-gate / annotate
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/links/patches/init-openssl.patch
author Rich Burridge <rich.burridge@oracle.com>
Thu, 08 Jan 2015 06:55:14 -0800
branchs11-update
changeset 3599 937319736f5c
child 3636 ca7fe1fad4ea
permissions -rw-r--r--
20231094 problem in UTILITY/LINKS
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
3599
937319736f5c 20231094 problem in UTILITY/LINKS
Rich Burridge <rich.burridge@oracle.com>
parents:
diff changeset 
     1
 
Disable SSLv2 and SSLv3 in elinks to "mitigate POODLE vulnerability".
937319736f5c 20231094 problem in UTILITY/LINKS
Rich Burridge <rich.burridge@oracle.com>
parents:
diff changeset 
     2
 












937319736f5c
20231094 problem in UTILITY/LINKS



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




     3


This change will be passed upstream.













937319736f5c
20231094 problem in UTILITY/LINKS



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




     4














937319736f5c
20231094 problem in UTILITY/LINKS



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




     5


--- links-1.03/https.c.orig	2014-12-17 15:47:04.315785336 -0800













937319736f5c
20231094 problem in UTILITY/LINKS



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




     6


+++ links-1.03/https.c	2015-01-06 13:08:06.766439550 -0800













937319736f5c
20231094 problem in UTILITY/LINKS



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




     7


@@ -41,6 +41,7 @@













937319736f5c
20231094 problem in UTILITY/LINKS



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




     8


 		SSLeay_add_ssl_algorithms();













937319736f5c
20231094 problem in UTILITY/LINKS



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




     9


 		context = SSL_CTX_new(SSLv23_client_method());













937319736f5c
20231094 problem in UTILITY/LINKS



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




    10


 		SSL_CTX_set_options(context, SSL_OP_ALL);













937319736f5c
20231094 problem in UTILITY/LINKS



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




    11


+		SSL_CTX_set_options(context, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);













937319736f5c
20231094 problem in UTILITY/LINKS



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




    12


 		SSL_CTX_set_default_verify_paths(context);













937319736f5c
20231094 problem in UTILITY/LINKS



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




    13


 /* needed for systems without /dev/random, but obviously kills security. */













937319736f5c
20231094 problem in UTILITY/LINKS



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




    14


 		/*{















upstream/oracle/userland-gate