github
/
aria2
mirror of https://github.com/aria2/aria2
1
0
Fork 0
Code Issues Releases Wiki Activity

LibsslTLSContext: Remove weak cipher suite

pull/141/head
Tatsuhiro Tsujikawa 2013-10-08 21:24:10 +09:00
parent 98d88ec6d5
commit 33293bcd5a
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/LibsslTLSContext.cc
View File

@ -98,6 +98,7 @@ OpenSSLTLSContext::OpenSSLTLSContext(TLSSessionSide side)
good_ = false;
A2_LOG_ERROR(fmt("SSL_CTX_new() failed. Cause: %s",
ERR_error_string(ERR_get_error(), 0)));
return;
}
// Disable SSLv2 and enable all workarounds for buggy servers
SSL_CTX_set_options(sslCtx_, SSL_OP_ALL | SSL_OP_NO_SSLv2
@ -111,6 +112,11 @@ OpenSSLTLSContext::OpenSSLTLSContext(TLSSessionSide side)
/* keep memory usage low */
SSL_CTX_set_mode(sslCtx_, SSL_MODE_RELEASE_BUFFERS);
#endif
if(SSL_CTX_set_cipher_list(sslCtx_, "HIGH:!aNULL:!eNULL") == 0) {
good_ = false;
A2_LOG_ERROR(fmt("SSL_CTX_set_cipher_list() failed. Cause: %s",
ERR_error_string(ERR_get_error(), nullptr)));
}
}
OpenSSLTLSContext::~OpenSSLTLSContext()