Mercurial Mercurial > upstream > oracle > userland-gate / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/links/patches/init-openssl.patch
changeset 3591 76362dc58c44
child 3636 ca7fe1fad4ea
equal deleted inserted replaced
3589:bdfbf7f178a7 3591:76362dc58c44 
       
     1 Disable SSLv2 and SSLv3 in elinks to "mitigate POODLE vulnerability".
 
       
     2 
       
     3 This change will be passed upstream.
 
       
     4 
       
     5 --- links-1.03/https.c.orig	2014-12-17 15:47:04.315785336 -0800
 
       
     6 +++ links-1.03/https.c	2015-01-06 13:08:06.766439550 -0800
 
       
     7 @@ -41,6 +41,7 @@
 
       
     8  		SSLeay_add_ssl_algorithms();
 
       
     9  		context = SSL_CTX_new(SSLv23_client_method());
 
       
    10  		SSL_CTX_set_options(context, SSL_OP_ALL);
 
       
    11 +		SSL_CTX_set_options(context, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
 
       
    12  		SSL_CTX_set_default_verify_paths(context);
 
       
    13  /* needed for systems without /dev/random, but obviously kills security. */
 
       
    14  		/*{
upstream/oracle/userland-gate