Mercurial Mercurial > upstream > oracle > userland-gate / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/links/patches/init-openssl.patch
author Rich Burridge <rich.burridge@oracle.com>
Tue, 02 May 2017 17:33:26 -0700
changeset 7964 d9801318ed3d
parent 7747 83e42ef0155e
permissions -rw-r--r--
25981468 Build ilmbase and openexr with the GNU compilers

Disable SSLv2 and SSLv3 in links to "mitigate POODLE vulnerability".

This change will be passed upstream.

--- https.c.orig	2017-03-01 16:33:15.504062101 +0000
+++ https.c	2017-03-01 16:33:47.467654008 +0000
@@ -114,7 +114,7 @@
 #ifndef SSL_OP_NO_COMPRESSION
 #define SSL_OP_NO_COMPRESSION	0
 #endif
-		SSL_CTX_set_options(context, SSL_OP_ALL | SSL_OP_NO_COMPRESSION);
+		SSL_CTX_set_options(context, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION);
 #ifdef SSL_MODE_ENABLE_PARTIAL_WRITE
 		SSL_CTX_set_mode(context, SSL_MODE_ENABLE_PARTIAL_WRITE);
 #endif
upstream/oracle/userland-gate