author | Rich Burridge <rich.burridge@oracle.com> |
Thu, 08 Jan 2015 06:55:14 -0800 | |
branch | s11-update |
changeset 3599 | 937319736f5c |
child 3636 | ca7fe1fad4ea |
permissions | -rw-r--r-- |
3599
937319736f5c
20231094 problem in UTILITY/LINKS
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
1 |
Disable SSLv2 and SSLv3 in elinks to "mitigate POODLE vulnerability". |
937319736f5c
20231094 problem in UTILITY/LINKS
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
2 |
|
937319736f5c
20231094 problem in UTILITY/LINKS
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
3 |
This change will be passed upstream. |
937319736f5c
20231094 problem in UTILITY/LINKS
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
4 |
|
937319736f5c
20231094 problem in UTILITY/LINKS
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
5 |
--- links-1.03/https.c.orig 2014-12-17 15:47:04.315785336 -0800 |
937319736f5c
20231094 problem in UTILITY/LINKS
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
6 |
+++ links-1.03/https.c 2015-01-06 13:08:06.766439550 -0800 |
937319736f5c
20231094 problem in UTILITY/LINKS
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
7 |
@@ -41,6 +41,7 @@ |
937319736f5c
20231094 problem in UTILITY/LINKS
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
8 |
SSLeay_add_ssl_algorithms(); |
937319736f5c
20231094 problem in UTILITY/LINKS
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
9 |
context = SSL_CTX_new(SSLv23_client_method()); |
937319736f5c
20231094 problem in UTILITY/LINKS
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
10 |
SSL_CTX_set_options(context, SSL_OP_ALL); |
937319736f5c
20231094 problem in UTILITY/LINKS
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
11 |
+ SSL_CTX_set_options(context, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); |
937319736f5c
20231094 problem in UTILITY/LINKS
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
12 |
SSL_CTX_set_default_verify_paths(context); |
937319736f5c
20231094 problem in UTILITY/LINKS
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
13 |
/* needed for systems without /dev/random, but obviously kills security. */ |
937319736f5c
20231094 problem in UTILITY/LINKS
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
14 |
/*{ |