rpms / xchat

Clone
Source Code
GIT

Blame 0001-Don-t-force-the-use-of-SSLv3.patch

f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f7 f8 f9 main rawhide
  1.   f26
  2.   0001-Don-t-force-the-use-of-SSLv3.patch
Blob History Raw
Debarshi Ray 0d239d3 
From 527eb322a5bfa97d5716e7f8178e319c515065a2 Mon Sep 17 00:00:00 2001
Debarshi Ray 0d239d3 
From: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Debarshi Ray 0d239d3 
Date: Mon, 20 Oct 2014 10:08:26 -0400
Debarshi Ray 0d239d3 
Subject: [PATCH] Don't force the use of SSLv3.
Debarshi Ray 0d239d3
Debarshi Ray 0d239d3 
SSLv3 should no longer be used for security reasons. Let the best
Debarshi Ray 0d239d3 
connection method be automatically determined by using SSLv23_client_method()
Debarshi Ray 0d239d3 
and SSLv23_server_method().
Debarshi Ray 0d239d3 
---
Debarshi Ray 0d239d3 
 src/common/ssl.c | 4 ++--
Debarshi Ray 0d239d3 
 1 file changed, 2 insertions(+), 2 deletions(-)
Debarshi Ray 0d239d3
Debarshi Ray 0d239d3 
diff --git a/src/common/ssl.c b/src/common/ssl.c
Debarshi Ray 0d239d3 
index a18ad47..35eb237 100644
Debarshi Ray 0d239d3 
--- a/src/common/ssl.c
Debarshi Ray 0d239d3 
+++ b/src/common/ssl.c
Debarshi Ray 0d239d3 
@@ -70,7 +70,7 @@ _SSL_context_init (void (*info_cb_func), int server)
Debarshi Ray 0d239d3
Debarshi Ray 0d239d3 
 	SSLeay_add_ssl_algorithms ();
Debarshi Ray 0d239d3 
 	SSL_load_error_strings ();
Debarshi Ray 0d239d3 
-	ctx = SSL_CTX_new (server ? SSLv3_server_method() : SSLv3_client_method ());
Debarshi Ray 0d239d3 
+	ctx = SSL_CTX_new (server ? SSLv23_server_method() : SSLv23_client_method ());
Debarshi Ray 0d239d3
Debarshi Ray 0d239d3 
 	SSL_CTX_set_session_cache_mode (ctx, SSL_SESS_CACHE_BOTH);
Debarshi Ray 0d239d3 
 	SSL_CTX_set_timeout (ctx, 300);
Debarshi Ray 0d239d3 
@@ -281,7 +281,7 @@ _SSL_socket (SSL_CTX *ctx, int sd)
Debarshi Ray 0d239d3 
 		__SSL_critical_error ("SSL_new");
Debarshi Ray 0d239d3
Debarshi Ray 0d239d3 
 	SSL_set_fd (ssl, sd);
Debarshi Ray 0d239d3 
-	if (ctx->method == SSLv3_client_method())
Debarshi Ray 0d239d3 
+	if (ctx->method == SSLv23_client_method())
Debarshi Ray 0d239d3 
 		SSL_set_connect_state (ssl);
Debarshi Ray 0d239d3 
 	else
Debarshi Ray 0d239d3 
 	        SSL_set_accept_state(ssl);
Debarshi Ray 0d239d3 
--
Debarshi Ray 0d239d3 
2.1.0
Debarshi Ray 0d239d3
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.