Mercurial Mercurial > upstream > oracle > userland-gate / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/w3m/patches/05-init-openssl.patch
branchs11-update
changeset 4166 f7c991485826
equal deleted inserted replaced
4163:b088658aed2f 4166:f7c991485826 
       
     1 Disable SSLv2 and SSLv3 in w3m to "mitigate POODLE vulnerability".
 
       
     2 
       
     3 This change has been passed upstream.
 
       
     4 
       
     5 --- w3m-0.5.2/url.c.orig	2015-01-29 08:37:04.156739107 -0800
 
       
     6 +++ w3m-0.5.2/url.c	2015-01-29 08:48:24.055383389 -0800
 
       
     7 @@ -337,6 +337,8 @@
 
       
     8  		option |= SSL_OP_NO_TLSv1;
 
       
     9  	}
 
       
    10  	SSL_CTX_set_options(ssl_ctx, option);
 
       
    11 +	/* Always disable SSLv2 & SSLv3 to "mitigate POODLE vulnerability". */
 
       
    12 +	SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
 
       
    13  #ifdef USE_SSL_VERIFY
 
       
    14  	/* derived from openssl-0.9.5/apps/s_{client,cb}.c */
 
       
    15  #if 1				/* use SSL_get_verify_result() to verify cert */
upstream/oracle/userland-gate