equal
deleted
inserted
replaced
1 Disable SSLv2 and SSLv3 in w3m to "mitigate POODLE vulnerability". |
|
2 |
|
3 This change has been passed upstream. |
|
4 |
|
5 --- w3m-0.5.2/url.c.orig 2015-01-29 08:37:04.156739107 -0800 |
|
6 +++ w3m-0.5.2/url.c 2015-01-29 08:48:24.055383389 -0800 |
|
7 @@ -337,6 +337,8 @@ |
|
8 option |= SSL_OP_NO_TLSv1; |
|
9 } |
|
10 SSL_CTX_set_options(ssl_ctx, option); |
|
11 + /* Always disable SSLv2 & SSLv3 to "mitigate POODLE vulnerability". */ |
|
12 + SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); |
|
13 #ifdef USE_SSL_VERIFY |
|
14 /* derived from openssl-0.9.5/apps/s_{client,cb}.c */ |
|
15 #if 1 /* use SSL_get_verify_result() to verify cert */ |
|