nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-24 12:23:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

Log at info level when disabling SSLv3

Browse Source
This commit is contained in:
Robert Ransom 2012-01-04 20:41:28 -08:00 committed by Nick Mathewson
parent 0a00678e56
commit 4752b34879
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/common/tortls.c
View File

@ -771,6 +771,12 @@ tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime,
(SSLeay() >= 0x00909000L &&
SSLeay() < 0x1000006fL)) {
/* And not SSL3 if it's subject to CVE-2011-4657. */
log_info(LD_NET, "Disabling SSLv3 because this OpenSSL version "
"might otherwise be vulnerable to CVE-2011-4657 "
"(compile-time version %08lx (%s); "
"runtime version %08lx (%s))",
OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT,
SSLeay(), SSLeay_version(SSLEAY_VERSION));
SSL_CTX_set_options(result->ctx, SSL_OP_NO_SSLv3);
}