nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-11 05:33:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/maint-0.2.2'

Browse Source
This commit is contained in:
Nick Mathewson 2012-01-09 16:40:42 -05:00
commit 1e5d66997b
1 changed files with 4 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/common/tortls.c
View File

@ -1160,15 +1160,10 @@ tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime,
} }
#if 0 #if 0
/* Tell OpenSSL to only use TLS1. This would actually break compatibility /* Tell OpenSSL to only use TLS1. This may have subtly different results
* with clients that are configured to use SSLv23_method(), so we should * from SSLv23_method() with SSLv2 and SSLv3 disabled, so we need to do some
* probably never use it. * investigation before we consider adjusting it. It should be compatible
*/ * with existing Tors. */
/* XXX wanoskarnet says this comment is bunk -- that even if we turn
* this line on, clients configured to use SSLv23 would still able to
* talk to us. But he also says it's ok to leave it out. I suggest we
* delete this whole clause (the one that's #if 0'ed out). I'll leave
* it in place until Nick expresses an opinion. -RD */
if (!(result->ctx = SSL_CTX_new(TLSv1_method()))) if (!(result->ctx = SSL_CTX_new(TLSv1_method())))
goto error; goto error;
#endif #endif