[ovs-dev] [patch v1] stream-ssl: Revert recent chamge to fix travis builds.

Darrell Ball dlu998 at gmail.com
Mon Aug 6 19:02:42 UTC 2018


Fixes: ab16d2c2871b ("stream-ssl: Don't enable new TLS versions by default")
CC: Timothy Redaelli <tredaelli at redhat.com>
Signed-off-by: Darrell Ball <dlu998 at gmail.com>
---
 lib/stream-ssl.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/stream-ssl.c b/lib/stream-ssl.c
index f3d623c..03aa972 100644
--- a/lib/stream-ssl.c
+++ b/lib/stream-ssl.c
@@ -1188,7 +1188,9 @@ stream_ssl_set_protocols(const char *arg)
     }
 
     /* Start with all the flags off and turn them on as requested. */
-    long protocol_flags = SSL_OP_NO_SSL_MASK;
+    long protocol_flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1;
+    protocol_flags |= SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2;
+
 
     char *s = xstrdup(arg);
     char *save_ptr = NULL;
-- 
1.9.1



More information about the dev mailing list