components/ejabberd/patches/001-no-sslv3.patch
changeset 4613 9c99af0be85c
4612:a90827a85af0 4613:9c99af0be85c
       
     1 #
       
     2 # disable SSLv3 support as it is not entirely secure.
       
     3 #
       
     4 --- ejabberd-2.1.13/src/tls/tls_drv.c.orig	Thu Jul  9 11:46:50 2015
       
     5 +++ ejabberd-2.1.13/src/tls/tls_drv.c	Thu Jul  9 11:52:03 2015
       
     6 @@ -44,7 +44,7 @@
       
     7  #define SSL_OP_NO_TICKET 0
       
     8  #endif
       
     9  
       
    10 -#define CIPHERS "DEFAULT:!EXPORT:!LOW:!SSLv2"
       
    11 +#define CIPHERS "DEFAULT:!EXPORT:!LOW:!SSLv2:!SSLv3"
       
    12  
       
    13  /*
       
    14   * R15B changed several driver callbacks to use ErlDrvSizeT and
       
    15 @@ -440,7 +440,7 @@
       
    16  	    res = SSL_CTX_check_private_key(ctx);
       
    17  	    die_unless(res > 0, "SSL_CTX_check_private_key failed");
       
    18  
       
    19 -	    SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2|SSL_OP_NO_TICKET);
       
    20 +	    SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TICKET);
       
    21  
       
    22  	    SSL_CTX_set_cipher_list(ctx, CIPHERS);
       
    23
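Review bot: The `!SSLv3` added to `CIPHERS` in the first hunk does not select a protocol version. In OpenSSL's cipher-string syntax it excludes every cipher suite defined for SSL 3.0, which are the same suites TLS 1.0 and TLS 1.1 negotiate, so only TLS 1.2-specific suites remain and older TLS peers will likely fail the handshake. The protocol itself is already switched off by `SSL_OP_NO_SSLv3` in the second hunk, so the define can stay `#define CIPHERS "DEFAULT:!EXPORT:!LOW:!SSLv2"`. If dropping TLS 1.0/1.1 peers is intended, the patch header comment should say so. Separately, the result of `SSL_CTX_set_cipher_list(ctx, CIPHERS)` is not checked in the visible context, unlike the `die_unless` after `SSL_CTX_check_private_key`, so an empty cipher list would go unnoticed; the enclosing function starts and ends outside the hunk.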