|
Line 0
Link Here
|
|
|
1 |
diff -urN webjob-1.9.0.old/tools/webjob-dsvtool/ssl.c webjob-1.9.0.new/tools/webjob-dsvtool/ssl.c |
| 2 |
--- tools/webjob-dsvtool/ssl.c 2012-01-07 02:56:14.000000000 -0500 |
| 3 |
+++ tools/webjob-dsvtool/ssl.c 2016-01-13 17:18:29.073028573 -0500 |
| 4 |
@@ -251,7 +251,7 @@ |
| 5 |
* |
| 6 |
********************************************************************* |
| 7 |
*/ |
| 8 |
- psProperties->psslCTX = SSL_CTX_new(SSLv3_client_method()); |
| 9 |
+ psProperties->psslCTX = SSL_CTX_new(SSLv23_client_method()); |
| 10 |
if (psProperties->psslCTX == NULL) |
| 11 |
{ |
| 12 |
ERR_error_string(ERR_get_error(), acLocalError); |
| 13 |
@@ -262,6 +262,33 @@ |
| 14 |
/*- |
| 15 |
********************************************************************* |
| 16 |
* |
| 17 |
+ * Disable protocol versions that are no longer safe to use. |
| 18 |
+ * |
| 19 |
+ ********************************************************************* |
| 20 |
+ */ |
| 21 |
+ SSL_CTX_set_options |
| 22 |
+ ( |
| 23 |
+ psProperties->psslCTX, |
| 24 |
+ ( |
| 25 |
+ 0 |
| 26 |
+#ifdef SSL_OP_NO_SSLv2 |
| 27 |
+ | SSL_OP_NO_SSLv2 |
| 28 |
+#endif |
| 29 |
+#ifdef SSL_OP_NO_SSLv3 |
| 30 |
+ | SSL_OP_NO_SSLv3 |
| 31 |
+#endif |
| 32 |
+#ifdef SSL_OP_NO_TLSv1 |
| 33 |
+ | SSL_OP_NO_TLSv1 |
| 34 |
+#endif |
| 35 |
+#ifdef SSL_OP_NO_TLSv1_1 |
| 36 |
+ | SSL_OP_NO_TLSv1_1 |
| 37 |
+#endif |
| 38 |
+ ) |
| 39 |
+ ); |
| 40 |
+ |
| 41 |
+ /*- |
| 42 |
+ ********************************************************************* |
| 43 |
+ * |
| 44 |
* Setup SSL certificate verification. Load the bundled certificate |
| 45 |
* authorities file. A common name (CN) and a positive chain length |
| 46 |
* must be specified to activate PEER verification. If you want to |