wok-next view xchat/stuff/patches/ssl.patch @ rev 21077
rgb: fix build
author | Aleksej Bobylev <al.bobylev@gmail.com> |
---|---|
date | Fri Dec 21 04:44:58 2018 +0200 (2018-12-21) |
parents | |
children |
line source
1 From 527eb322a5bfa97d5716e7f8178e319c515065a2 Mon Sep 17 00:00:00 2001
2 From: Marc Deslauriers <marc.deslauriers@ubuntu.com>
3 Date: Mon, 20 Oct 2014 10:08:26 -0400
4 Subject: [PATCH] Don't force the use of SSLv3.
6 SSLv3 should no longer be used for security reasons. Let the best
7 connection method be automatically determined by using SSLv23_client_method()
8 and SSLv23_server_method().
9 ---
10 src/common/ssl.c | 4 ++--
11 1 file changed, 2 insertions(+), 2 deletions(-)
13 diff --git a/src/common/ssl.c b/src/common/ssl.c
14 index a18ad47..35eb237 100644
15 --- a/src/common/ssl.c
16 +++ b/src/common/ssl.c
17 @@ -70,7 +70,7 @@ _SSL_context_init (void (*info_cb_func), int server)
19 SSLeay_add_ssl_algorithms ();
20 SSL_load_error_strings ();
21 - ctx = SSL_CTX_new (server ? SSLv3_server_method() : SSLv3_client_method ());
22 + ctx = SSL_CTX_new (server ? SSLv23_server_method() : SSLv23_client_method ());
24 SSL_CTX_set_session_cache_mode (ctx, SSL_SESS_CACHE_BOTH);
25 SSL_CTX_set_timeout (ctx, 300);
26 @@ -281,7 +281,7 @@ _SSL_socket (SSL_CTX *ctx, int sd)
27 __SSL_critical_error ("SSL_new");
29 SSL_set_fd (ssl, sd);
30 - if (ctx->method == SSLv3_client_method())
31 + if (ctx->method == SSLv23_client_method())
32 SSL_set_connect_state (ssl);
33 else
34 SSL_set_accept_state(ssl);
35 --
36 2.1.0