summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2015-02-17 14:14:33 (GMT)
committerZash <zash@zash.se>2015-02-17 14:35:27 (GMT)
commitaa9da0916432f5fb632d715b3bcc1089760a8c18 (patch)
tree9b106589cda459446b8ad923e7f0c0097165e70b
parent55461d1b5f97591b4ab9510896ca1bc5b5e2a71f (diff)
downloadswift-aa9da0916432f5fb632d715b3bcc1089760a8c18.zip
swift-aa9da0916432f5fb632d715b3bcc1089760a8c18.tar.bz2
Disable SSLv3
Change-Id: I25328f60e211387f5d3fbcd6de155b7b8956c0f9 License: This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details.
-rw-r--r--Swiften/TLS/OpenSSL/OpenSSLContext.cpp2
1 files changed, 1 insertions, 1 deletions
diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
index ed204e0..a3e0e1d 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
+++ b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
@@ -42,7 +42,7 @@ static void freeX509Stack(STACK_OF(X509)* stack) {
OpenSSLContext::OpenSSLContext() : state_(Start), context_(0), handle_(0), readBIO_(0), writeBIO_(0) {
ensureLibraryInitialized();
context_ = SSL_CTX_new(SSLv23_client_method());
- SSL_CTX_set_options(context_, SSL_OP_NO_SSLv2);
+ SSL_CTX_set_options(context_, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
// TODO: implement CRL checking
// TODO: download CRL (HTTP transport)