rpms / compat-openssl10

Clone
Source Code
GIT

Blame SOURCES/openssl-1.0.2g-disable-sslv2v3.patch

c8 c8-beta c8s
  1.   557317e67ff79958b2e529f7d99e062c97d0b3f6
  2.   SOURCES
  3.   openssl-1.0.2g-disable-sslv2v3.patch
Blob History Raw
557317 
diff -up openssl-1.0.2g/ssl/ssl_lib.c.v2v3 openssl-1.0.2g/ssl/ssl_lib.c
557317 
--- openssl-1.0.2g/ssl/ssl_lib.c.v2v3	2016-03-01 16:38:26.879142021 +0100
557317 
+++ openssl-1.0.2g/ssl/ssl_lib.c	2016-03-01 16:41:32.977353769 +0100
557317 
@@ -2055,11 +2055,11 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
557317 
     ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
557317
557317 
     /*
557317 
-     * Disable SSLv2 by default, callers that want to enable SSLv2 will have to
557317 
-     * explicitly clear this option via either of SSL_CTX_clear_options() or
557317 
+     * Disable SSLv2 and SSLv3 by default, callers that want to enable these will have to
557317 
+     * explicitly clear these options via either of SSL_CTX_clear_options() or
557317 
      * SSL_clear_options().
557317 
      */
557317 
-    ret->options |= SSL_OP_NO_SSLv2;
557317 
+    ret->options |= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
557317
557317 
     return (ret);
557317 
  err:

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation