From aa9da0916432f5fb632d715b3bcc1089760a8c18 Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Tue, 17 Feb 2015 15:14:33 +0100
Subject: Disable SSLv3

Change-Id: I25328f60e211387f5d3fbcd6de155b7b8956c0f9
License: This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details.

diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
index ed204e0..a3e0e1d 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
+++ b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
@@ -42,7 +42,7 @@ static void freeX509Stack(STACK_OF(X509)* stack) {
 OpenSSLContext::OpenSSLContext() : state_(Start), context_(0), handle_(0), readBIO_(0), writeBIO_(0) {
 	ensureLibraryInitialized();
 	context_ = SSL_CTX_new(SSLv23_client_method());
-	SSL_CTX_set_options(context_, SSL_OP_NO_SSLv2);
+	SSL_CTX_set_options(context_, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
 
 	// TODO: implement CRL checking
 	// TODO: download CRL (HTTP transport)
-- 
cgit v0.10.2-6-g49f6