2014-10-22
2014-10-22 09:29:31 by Henrik Grubbström (Grubba) <grubba@grubba.org>
-
28c23650ce1d4e2ed00bd853d41b88e0ddea86cb
(5 lines)
(+4/-1)
[
Show
| Annotate
]
Branch: 28c23650ce1d4e2ed00bd853d41b88e0ddea86cb
SSL: Disable support for SSL 3.0 by default.
Requires recent Pike 7.8 or later.
Blocks the POODLE attack.
2250:
return; \
} while (0)
- #if constant(SSL.ServerConnection)
+ #if constant(SSL.Constants.PROTOCOL_TLS_MAX)
protected void set_version()
{
ctx->min_version = query("ssl_min_version");
2568: Inside #if constant(SSL.ServerConnection)
#if constant(SSL.ServerConnection)
getvar("ssl_key_bits")->set_changed_callback(filter_preferred_suites);
getvar("ssl_suite_filter")->set_changed_callback(filter_preferred_suites);
+ #endif
+ #if constant(SSL.Constants.PROTOCOL_TLS_MAX)
getvar("ssl_min_version")->set_changed_callback(set_version);
#endif
}