hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Removed support for SSLv3

Browse Source 
SSLv3 can't be considered safe anymore so removing the support for it improves
MaxScale's security as a whole.
This commit is contained in:
Markus Makela
2016-03-08 15:22:35 +02:00
parent 18a3aa5e33
commit 60724172a4
3 changed files with 3 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
server/core/listener.c
View File

@ -80,11 +80,7 @@ listener_alloc(char *protocol, char *address, unsigned short port, char *authent
int
listener_set_ssl_version(SSL_LISTENER *ssl_listener, char* version)
{
if (strcasecmp(version,"SSLV3") == 0)
{
ssl_listener->ssl_method_type = SERVICE_SSLV3;
}
else if (strcasecmp(version,"TLSV10") == 0)
if (strcasecmp(version,"TLSV10") == 0)
{
ssl_listener->ssl_method_type = SERVICE_TLS10;
}
@ -147,9 +143,6 @@ listener_init_SSL(SSL_LISTENER *ssl_listener)
{
switch(ssl_listener->ssl_method_type)
{
case SERVICE_SSLV3:
ssl_listener->method = (SSL_METHOD*)SSLv3_server_method();
break;
case SERVICE_TLS10:
ssl_listener->method = (SSL_METHOD*)TLSv1_server_method();
break;