author | Devjani Ray <devjani.ray@oracle.com> |
Fri, 20 May 2016 17:42:29 -0400 | |
branch | s11u3-sru |
changeset 6035 | c9748fcc32de |
parent 4166 | f7c991485826 |
permissions | -rw-r--r-- |
4166
f7c991485826
20231080 problem in UTILITY/W3M
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
1 |
Disable SSLv2 and SSLv3 in w3m to "mitigate POODLE vulnerability". |
f7c991485826
20231080 problem in UTILITY/W3M
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
2 |
|
f7c991485826
20231080 problem in UTILITY/W3M
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
3 |
This change has been passed upstream. |
f7c991485826
20231080 problem in UTILITY/W3M
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
4 |
|
f7c991485826
20231080 problem in UTILITY/W3M
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
5 |
--- w3m-0.5.2/url.c.orig 2015-01-29 08:37:04.156739107 -0800 |
f7c991485826
20231080 problem in UTILITY/W3M
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
6 |
+++ w3m-0.5.2/url.c 2015-01-29 08:48:24.055383389 -0800 |
f7c991485826
20231080 problem in UTILITY/W3M
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
7 |
@@ -337,6 +337,8 @@ |
f7c991485826
20231080 problem in UTILITY/W3M
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
8 |
option |= SSL_OP_NO_TLSv1; |
f7c991485826
20231080 problem in UTILITY/W3M
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
9 |
} |
f7c991485826
20231080 problem in UTILITY/W3M
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
10 |
SSL_CTX_set_options(ssl_ctx, option); |
f7c991485826
20231080 problem in UTILITY/W3M
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
11 |
+ /* Always disable SSLv2 & SSLv3 to "mitigate POODLE vulnerability". */ |
f7c991485826
20231080 problem in UTILITY/W3M
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
12 |
+ SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); |
f7c991485826
20231080 problem in UTILITY/W3M
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
13 |
#ifdef USE_SSL_VERIFY |
f7c991485826
20231080 problem in UTILITY/W3M
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
14 |
/* derived from openssl-0.9.5/apps/s_{client,cb}.c */ |
f7c991485826
20231080 problem in UTILITY/W3M
Rich Burridge <rich.burridge@oracle.com>
parents:
diff
changeset
|
15 |
#if 1 /* use SSL_get_verify_result() to verify cert */ |