Skip to content
Snippets Groups Projects
Commit 4752b348 authored by Robert Ransom's avatar Robert Ransom Committed by Nick Mathewson
Browse files

Log at info level when disabling SSLv3

parent 0a00678e
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 6 additions and 0 deletions
src/common/tortls.c
+ 6
0
View file @ 4752b348
......@@ -771,6 +771,12 @@ tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime,
(SSLeay() >= 0x00909000L &&
SSLeay() < 0x1000006fL)) {
/* And not SSL3 if it's subject to CVE-2011-4657. */
log_info(LD_NET, "Disabling SSLv3 because this OpenSSL version "
"might otherwise be vulnerable to CVE-2011-4657 "
"(compile-time version %08lx (%s); "
"runtime version %08lx (%s))",
OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT,
SSLeay(), SSLeay_version(SSLEAY_VERSION));
SSL_CTX_set_options(result->ctx, SSL_OP_NO_SSLv3);
}
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment