rpms / compat-openssl10

Clone
Source Code
GIT

Blame SOURCES/openssl-1.0.2g-disable-sslv2v3.patch

c8 c8-beta c8s
  1.   c05f5d1a18aa70487581809de52c5a585ff4c28e
  2.   SOURCES
  3.   openssl-1.0.2g-disable-sslv2v3.patch
Blob History Raw
c05f5d 
diff -up openssl-1.0.2g/ssl/ssl_lib.c.v2v3 openssl-1.0.2g/ssl/ssl_lib.c
c05f5d 
--- openssl-1.0.2g/ssl/ssl_lib.c.v2v3	2016-03-01 16:38:26.879142021 +0100
c05f5d 
+++ openssl-1.0.2g/ssl/ssl_lib.c	2016-03-01 16:41:32.977353769 +0100
c05f5d 
@@ -2055,11 +2055,11 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
c05f5d 
     ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
c05f5d
c05f5d 
     /*
c05f5d 
-     * Disable SSLv2 by default, callers that want to enable SSLv2 will have to
c05f5d 
-     * explicitly clear this option via either of SSL_CTX_clear_options() or
c05f5d 
+     * Disable SSLv2 and SSLv3 by default, callers that want to enable these will have to
c05f5d 
+     * explicitly clear these options via either of SSL_CTX_clear_options() or
c05f5d 
      * SSL_clear_options().
c05f5d 
      */
c05f5d 
-    ret->options |= SSL_OP_NO_SSLv2;
c05f5d 
+    ret->options |= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
c05f5d
c05f5d 
     return (ret);
c05f5d 
  err:

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation