author | Mike Sullivan <Mike.Sullivan@Oracle.COM> |
Mon, 13 Apr 2015 23:01:09 -0700 | |
branch | s11-update |
changeset 4112 | f960ace4a1d4 |
parent 3751 | f7b7c259669f |
child 5559 | a6efae0791c0 |
permissions | -rw-r--r-- |
Disable SSLv2 and SSLv3 in links to "mitigate POODLE vulnerability". This change will be passed upstream. --- https.c.orig 2015-01-13 06:51:50.062449801 -0800 +++ https.c 2015-01-13 06:52:03.963799972 -0800 @@ -63,6 +63,7 @@ context = SSL_CTX_new((void *)m); if (!context) return NULL; SSL_CTX_set_options(context, SSL_OP_ALL); + SSL_CTX_set_options(context, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); SSL_CTX_set_default_verify_paths(context); }