author | Petr Sumbera <petr.sumbera@oracle.com> |
Mon, 19 Sep 2016 05:51:20 -0700 | |
changeset 7006 | eb24eb49f7c4 |
parent 5738 | fc0e1d002c9e |
permissions | -rw-r--r-- |
Patch origin: in-house Patch status: Not suitable for upstream. Always disable SSLv3 and don't allow to enable it ever again. --- src/network.c +++ src/network.c @@ -845,7 +845,7 @@ } } - if (!s->ssl_use_sslv3) { + if (1) { /* disable SSLv3 */ if ((SSL_OP_NO_SSLv3 & SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv3)) != SSL_OP_NO_SSLv3) { log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",