projects / packages / ejabberd.git / blame
| Commit | Line | Data |
|---|---|---|
| beed1a42 AM |
1 | --- a/deps/fast_tls/c_src/fast_tls_drv.c~ 2016-07-08 11:19:35.000000000 +0200 |
| 2 | +++ b/deps/fast_tls/c_src/fast_tls_drv.c 2016-08-04 16:52:34.323491442 +0200 | |
| 3 | @@ -56,7 +56,7 @@ typedef unsigned __int32 uint32_t; | |
| c4f8aa56 JK |
4 | #define SSL_OP_NO_TICKET 0 |
| 5 | #endif | |
| 6 | ||
| 5e08a6fd JK |
7 | -#define CIPHERS "DEFAULT:!EXPORT:!LOW:!RC4:!SSLv2" |
| 8 | +#define CIPHERS "DEFAULT:!EXPORT:!LOW:!RC4:!SSLv2:!3DES" | |
| c4f8aa56 | 9 | |
| beed1a42 AM |
10 | /* Wrappers around driver_alloc() that check */ |
| 11 | /* for OOM. */ | |
| 12 | @@ -711,13 +711,13 @@ static ErlDrvSSizeT tls_drv_control(ErlD | |
| c4f8aa56 JK |
13 | SSL_set_bio(d->ssl, d->bio_read, d->bio_write); |
| 14 | ||
| 15 | if (command == SET_CERTIFICATE_FILE_ACCEPT) { | |
| c6f5b587 AM |
16 | - options |= (SSL_OP_NO_TICKET|SSL_OP_ALL|SSL_OP_NO_SSLv2); |
| 17 | + options |= (SSL_OP_NO_TICKET|SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3); | |
| 18 | ||
| 19 | SSL_set_options(d->ssl, options); | |
| c4f8aa56 JK |
20 | |
| 21 | SSL_set_accept_state(d->ssl); | |
| 22 | } else { | |
| c6f5b587 AM |
23 | - options |= (SSL_OP_NO_TICKET|SSL_OP_NO_SSLv2); |
| 24 | + options |= (SSL_OP_NO_TICKET|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3); | |
| 25 | ||
| 26 | SSL_set_options(d->ssl, options); | |
| 27 | ||
| 28 |