Advertisement
chrisstone

Patch to force SSLv2 Handshake Compatibility

Oct 20th, 2014
689
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Diff 1.43 KB | None | 0 0
  1. --- ssl_engine_init.c.orig      2014-10-20 14:41:10.914064521 +0000
  2. +++ ssl_engine_init.c   2014-10-20 14:42:48.969070860 +0000
  3. @@ -481,33 +481,10 @@
  4.      ap_log_error(APLOG_MARK, APLOG_TRACE3, 0, s,
  5.                   "Creating new SSL context (protocols: %s)", cp);
  6.  
  7. -    if (protocol == SSL_PROTOCOL_SSLV3) {
  8. -        method = mctx->pkp ?
  9. -            SSLv3_client_method() : /* proxy */
  10. -            SSLv3_server_method();  /* server */
  11. -    }
  12. -    else if (protocol == SSL_PROTOCOL_TLSV1) {
  13. -        method = mctx->pkp ?
  14. -            TLSv1_client_method() : /* proxy */
  15. -            TLSv1_server_method();  /* server */
  16. -    }
  17. -#ifdef HAVE_TLSV1_X
  18. -    else if (protocol == SSL_PROTOCOL_TLSV1_1) {
  19. -        method = mctx->pkp ?
  20. -            TLSv1_1_client_method() : /* proxy */
  21. -            TLSv1_1_server_method();  /* server */
  22. -    }
  23. -    else if (protocol == SSL_PROTOCOL_TLSV1_2) {
  24. -        method = mctx->pkp ?
  25. -            TLSv1_2_client_method() : /* proxy */
  26. -            TLSv1_2_server_method();  /* server */
  27. -    }
  28. -#endif
  29. -    else { /* For multiple protocols, we need a flexible method */
  30. -        method = mctx->pkp ?
  31. -            SSLv23_client_method() : /* proxy */
  32. -            SSLv23_server_method();  /* server */
  33. -    }
  34. +    method = mctx->pkp ?
  35. +        SSLv23_client_method() : /* proxy */
  36. +        SSLv23_server_method();  /* server */
  37. +
  38.      ctx = SSL_CTX_new(method);
  39.  
  40.      mctx->ssl_ctx = ctx;
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement