equal
deleted
inserted
replaced
|
1 Disable SSLv2 and SSLv3 in elinks to "mitigate POODLE vulnerability". |
|
2 |
|
3 This change will be passed upstream. |
|
4 |
|
5 --- links-1.03/https.c.orig 2014-12-17 15:47:04.315785336 -0800 |
|
6 +++ links-1.03/https.c 2015-01-06 13:08:06.766439550 -0800 |
|
7 @@ -41,6 +41,7 @@ |
|
8 SSLeay_add_ssl_algorithms(); |
|
9 context = SSL_CTX_new(SSLv23_client_method()); |
|
10 SSL_CTX_set_options(context, SSL_OP_ALL); |
|
11 + SSL_CTX_set_options(context, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); |
|
12 SSL_CTX_set_default_verify_paths(context); |
|
13 /* needed for systems without /dev/random, but obviously kills security. */ |
|
14 /*{ |