diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/mongo/util/net/ssl_manager.cpp | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/mongo/util/net/ssl_manager.cpp b/src/mongo/util/net/ssl_manager.cpp index 4fe3374d98e..2569e3b68a1 100644 --- a/src/mongo/util/net/ssl_manager.cpp +++ b/src/mongo/util/net/ssl_manager.cpp @@ -433,8 +433,9 @@ namespace mongo { _getSSLErrorMessage(ERR_get_error()), context); - // Activate all bug workaround options, to support buggy client SSL's. - SSL_CTX_set_options(*context, SSL_OP_ALL); + // SSL_OP_ALL - Activate all bug workaround options, to support buggy client SSL's. + // SSL_OP_NO_SSLv2 - Disable SSL v2 support + SSL_CTX_set_options(*context, SSL_OP_ALL|SSL_OP_NO_SSLv2); // If renegotiation is needed, don't return from recv() or send() until it's successful. // Note: this is for blocking sockets only. |