Disable SSLv2 and SSLv3 in links to "mitigate POODLE vulnerability".
This change will be passed upstream.
--- https.c.orig 2017-03-01 16:33:15.504062101 +0000
+++ https.c 2017-03-01 16:33:47.467654008 +0000
@@ -114,7 +114,7 @@
#ifndef SSL_OP_NO_COMPRESSION
#define SSL_OP_NO_COMPRESSION 0
#endif
- SSL_CTX_set_options(context, SSL_OP_ALL | SSL_OP_NO_COMPRESSION);
+ SSL_CTX_set_options(context, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION);
#ifdef SSL_MODE_ENABLE_PARTIAL_WRITE
SSL_CTX_set_mode(context, SSL_MODE_ENABLE_PARTIAL_WRITE);
#endif