|
|
5a0c73f |
From 84f2299f6b3b56cf5342ad378c3641be548bf79c Mon Sep 17 00:00:00 2001
|
|
|
5a0c73f |
From: Felipe Zimmerle <fcosta@trustwave.com>
|
|
|
5a0c73f |
Date: Mon, 3 Nov 2014 10:13:21 -0800
|
|
|
5a0c73f |
Subject: [PATCH] mlogc: Changes the default SSL algo to TLS 1.2
|
|
|
5a0c73f |
|
|
|
5a0c73f |
As reported by Josh Amishav-Zlatin, mlogc was making usage of SSLv3 instead of
|
|
|
5a0c73f |
TLS 1.2. Servers should not answer SSLv3 after poodle.
|
|
|
5a0c73f |
---
|
|
|
5a0c73f |
mlogc/mlogc.c | 4 ++--
|
|
|
5a0c73f |
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
5a0c73f |
|
|
|
5a0c73f |
diff --git a/mlogc/mlogc.c b/mlogc/mlogc.c
|
|
|
5a0c73f |
index 4163230..c4b2a23 100644
|
|
|
5a0c73f |
--- a/mlogc/mlogc.c
|
|
|
5a0c73f |
+++ b/mlogc/mlogc.c
|
|
|
5a0c73f |
@@ -1218,8 +1218,8 @@ static void logc_init(void)
|
|
|
5a0c73f |
curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
|
|
|
5a0c73f |
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, FALSE);
|
|
|
5a0c73f |
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
|
|
|
5a0c73f |
- /* SSLv3 works better overall as some servers have issues with TLS */
|
|
|
5a0c73f |
- curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_SSLv3);
|
|
|
5a0c73f |
+ curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
|
|
|
5a0c73f |
+
|
|
|
5a0c73f |
curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, 15);
|
|
|
5a0c73f |
curl_easy_setopt(curl, CURLOPT_NOSIGNAL, TRUE);
|
|
|
5a0c73f |
curl_easy_setopt(curl, CURLOPT_HEADER, TRUE);
|
|
|
5a0c73f |
--
|
|
|
5a0c73f |
1.9.1
|