aniani/irssi
1
0
Fork 0
mirror of https://github.com/irssi/irssi.git synced 2025-02-02 15:08:01 -05:00
Code

irssiproxy: Use TLS 1.0/1.1/1.2, disable SSLv2 and SSLv3

Browse Source
This commit is contained in:
dequis 2015-06-27 13:13:03 -03:00
parent e2dfd6d165
commit b68c81f767
2 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/irc/proxy/listen.c
View File

@ -648,14 +648,14 @@ static void add_listen(const char *ircnet, int port, char *sslcert)
if(sslcert != NULL) {
rec->use_ssl = TRUE;
rec->ssl_method = SSLv3_server_method(); /* let's start with 3 */
rec->ssl_ctx = SSL_CTX_new(rec->ssl_method);
rec->ssl_ctx = SSL_CTX_new(SSLv23_server_method());
if(rec->ssl_ctx == NULL) {
printtext(NULL, NULL, MSGLEVEL_CLIENTERROR,
"Proxy: Error setting up SSL Context for port %d failed.",
rec->port);
goto error;
}
SSL_CTX_set_options(rec->ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
if(SSL_CTX_use_certificate_file(rec->ssl_ctx, sslcert, SSL_FILETYPE_PEM) <= 0) {
printtext(NULL, NULL, MSGLEVEL_CLIENTERROR, "Proxy: Error loading certificate.");

1
src/irc/proxy/proxy.h
View File

@ -24,7 +24,6 @@ typedef struct {
GSList *clients;
unsigned int use_ssl;
SSL_CTX *ssl_ctx;
SSL_METHOD *ssl_method;
} LISTEN_REC;
typedef struct {