if this applied, pls remove the extra newline
On Mon, Aug 6, 2018 at 12:02 PM, Darrell Ball <[email protected]> wrote:
> Fixes: ab16d2c2871b ("stream-ssl: Don't enable new TLS versions by
> default")
> CC: Timothy Redaelli <[email protected]>
> Signed-off-by: Darrell Ball <[email protected]>
> ---
> lib/stream-ssl.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/lib/stream-ssl.c b/lib/stream-ssl.c
> index f3d623c..03aa972 100644
> --- a/lib/stream-ssl.c
> +++ b/lib/stream-ssl.c
> @@ -1188,7 +1188,9 @@ stream_ssl_set_protocols(const char *arg)
> }
>
> /* Start with all the flags off and turn them on as requested. */
> - long protocol_flags = SSL_OP_NO_SSL_MASK;
> + long protocol_flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 |
> SSL_OP_NO_TLSv1;
> + protocol_flags |= SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2;
> +
>
> char *s = xstrdup(arg);
> char *save_ptr = NULL;
> --
> 1.9.1
>
>
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
