Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Disable SSLv2 in HTTPS client. This version of the protocol is considered insecure and has been deprecated; all modern browsers disable it. |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA1: |
ea1d369d23c68f79fd65be999d6a5763 |
User & Date: | dmitry 2011-09-24 01:39:02.713 |
Context
2011-09-25
| ||
11:14 | Fix double LI tags when listing wiki attachments for users without permissions. ... (check-in: 12272b7f user: dmitry tags: trunk) | |
2011-09-24
| ||
01:39 | Disable SSLv2 in HTTPS client. This version of the protocol is considered insecure and has been deprecated; all modern browsers disable it. ... (check-in: ea1d369d user: dmitry tags: trunk) | |
2011-09-19
| ||
20:16 | Remove obsolete files ... (check-in: 1f498a6e user: drh tags: trunk) | |
Changes
Changes to src/http_ssl.c.
︙ | ︙ | |||
102 103 104 105 106 107 108 109 110 111 112 113 114 115 | if( sslIsInit==0 ){ SSL_library_init(); SSL_load_error_strings(); ERR_load_BIO_strings(); OpenSSL_add_all_algorithms(); sslCtx = SSL_CTX_new(SSLv23_client_method()); /* Set up acceptable CA root certificates */ zCaSetting = db_get("ssl-ca-location", 0); if( zCaSetting==0 || zCaSetting[0]=='\0' ){ /* CA location not specified, use platform's default certificate store */ X509_STORE_set_default_paths(SSL_CTX_get_cert_store(sslCtx)); }else{ | > > | 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 | if( sslIsInit==0 ){ SSL_library_init(); SSL_load_error_strings(); ERR_load_BIO_strings(); OpenSSL_add_all_algorithms(); sslCtx = SSL_CTX_new(SSLv23_client_method()); /* Disable SSLv2 */ SSL_CTX_set_options(sslCtx, SSL_OP_NO_SSLv2); /* Set up acceptable CA root certificates */ zCaSetting = db_get("ssl-ca-location", 0); if( zCaSetting==0 || zCaSetting[0]=='\0' ){ /* CA location not specified, use platform's default certificate store */ X509_STORE_set_default_paths(SSL_CTX_get_cert_store(sslCtx)); }else{ |
︙ | ︙ |