commit 16f2d00d379a0e3ecfcfe10327585336c8366469
parent 5855a88862a8e81b3a892a848a1c23f1076df012
Author: Joris Vink <joris@coders.se>
Date: Tue, 14 Oct 2014 15:03:04 +0200
No more SSLv3 allowed.
Diffstat:
1 file changed, 1 insertion(+), 0 deletions(-)
diff --git a/src/domain.c b/src/domain.c
@@ -130,6 +130,7 @@ kore_domain_sslstart(struct kore_domain *dom)
SSL_CTX_set_mode(dom->ssl_ctx, SSL_MODE_ENABLE_PARTIAL_WRITE);
SSL_CTX_set_options(dom->ssl_ctx, SSL_OP_NO_SSLv2);
+ SSL_CTX_set_options(dom->ssl_ctx, SSL_OP_NO_SSLv3);
SSL_CTX_set_options(dom->ssl_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
SSL_CTX_set_cipher_list(dom->ssl_ctx, kore_ssl_cipher_list);
