diff options
| author | jkim <jkim@FreeBSD.org> | 2015-03-25 18:56:36 +0000 |
|---|---|---|
| committer | jkim <jkim@FreeBSD.org> | 2015-03-25 18:56:36 +0000 |
| commit | 3cb01b490fb3c86f7870444b59e6c9e7cfab65b1 (patch) | |
| tree | f3c94d6e7589a2633e5c7f575000b0574934a9cb /lib/libfetch/common.c | |
| parent | d086a74d2e739152484187fc35c11ab1a6dda314 (diff) | |
| download | FreeBSD-src-3cb01b490fb3c86f7870444b59e6c9e7cfab65b1.zip FreeBSD-src-3cb01b490fb3c86f7870444b59e6c9e7cfab65b1.tar.gz | |
Remove defunct SSLv2 support from fetch(1) and fetch(3).
Diffstat (limited to 'lib/libfetch/common.c')
| -rw-r--r-- | lib/libfetch/common.c | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/lib/libfetch/common.c b/lib/libfetch/common.c index eabea2b..3095e06 100644 --- a/lib/libfetch/common.c +++ b/lib/libfetch/common.c @@ -672,9 +672,7 @@ fetch_ssl_setup_transport_layer(SSL_CTX *ctx, int verbose) { long ssl_ctx_options; - ssl_ctx_options = SSL_OP_ALL | SSL_OP_NO_TICKET; - if (getenv("SSL_ALLOW_SSL2") == NULL) - ssl_ctx_options |= SSL_OP_NO_SSLv2; + ssl_ctx_options = SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_TICKET; if (getenv("SSL_ALLOW_SSL3") == NULL) ssl_ctx_options |= SSL_OP_NO_SSLv3; if (getenv("SSL_NO_TLS1") != NULL) |
