mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-05-12 15:41:35 +02:00
11e78f38b9
This is provided for compatibility with binaries that have been compiled against this version of OpenSSL. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
19 lines
831 B
Diff
19 lines
831 B
Diff
diff -up openssl-1.0.2g/ssl/ssl_lib.c.v2v3 openssl-1.0.2g/ssl/ssl_lib.c
|
|
--- openssl-1.0.2g/ssl/ssl_lib.c.v2v3 2016-03-01 16:38:26.879142021 +0100
|
|
+++ openssl-1.0.2g/ssl/ssl_lib.c 2016-03-01 16:41:32.977353769 +0100
|
|
@@ -2055,11 +2055,11 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
|
|
ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
|
|
|
|
/*
|
|
- * Disable SSLv2 by default, callers that want to enable SSLv2 will have to
|
|
- * explicitly clear this option via either of SSL_CTX_clear_options() or
|
|
+ * Disable SSLv2 and SSLv3 by default, callers that want to enable these will have to
|
|
+ * explicitly clear these options via either of SSL_CTX_clear_options() or
|
|
* SSL_clear_options().
|
|
*/
|
|
- ret->options |= SSL_OP_NO_SSLv2;
|
|
+ ret->options |= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
|
|
|
|
return (ret);
|
|
err:
|