author | Mike Sullivan <Mike.Sullivan@Oracle.COM> |
Fri, 30 Sep 2016 21:33:56 -0700 | |
changeset 7017 | 25872950aa80 |
parent 7006 | eb24eb49f7c4 |
permissions | -rw-r--r-- |
Patch origin: in-house Patch status: Not suitable for upstream. Always disable SSLv3 and don't allow to enable it ever again. --- src/network.c +++ src/network.c @@ -845,7 +845,7 @@ } } - if (!s->ssl_use_sslv3) { + if (1) { /* disable SSLv3 */ if ((SSL_OP_NO_SSLv3 & SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv3)) != SSL_OP_NO_SSLv3) { log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",