diff options
author | Alan Antonuk <alan.antonuk@gmail.com> | 2015-10-20 21:55:17 -0700 |
---|---|---|
committer | Alan Antonuk <alan.antonuk@gmail.com> | 2015-10-22 20:34:29 -0700 |
commit | 9b4b93304939a474abf042a9dde2e2b3a822f8f6 (patch) | |
tree | 263f46f91cdcf000337ac0101b3b96c63bf0f624 | |
parent | 26a53d29bd32809e07687ef6515d48ef7d07f0b8 (diff) | |
download | rabbitmq-c-9b4b93304939a474abf042a9dde2e2b3a822f8f6.tar.gz |
Lib: disable SSLv2 and SSLv3.
SSLv2 and SSLv3 are outdated, and contain serious security vulnerabilities.
Disable these outdated protocols so they cannot be used.
-rw-r--r-- | librabbitmq/amqp_openssl.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/librabbitmq/amqp_openssl.c b/librabbitmq/amqp_openssl.c index 651353b..93ccf95 100644 --- a/librabbitmq/amqp_openssl.c +++ b/librabbitmq/amqp_openssl.c @@ -425,6 +425,8 @@ amqp_ssl_socket_new(amqp_connection_state_t state) if (!self->ctx) { goto error; } + /* Disable SSLv2 and SSLv3 */ + SSL_CTX_set_options(self->ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); amqp_set_socket(state, (amqp_socket_t *)self); |