Disable SSL3.0 entirely as a Poodle fix.
authorColin Leroy <colin@colino.net>
Thu, 16 Oct 2014 12:35:46 +0000 (14:35 +0200)
committerColin Leroy <colin@colino.net>
Thu, 16 Oct 2014 12:37:41 +0000 (14:37 +0200)
src/common/ssl.c

index f612299..569c808 100644 (file)
@@ -323,7 +323,7 @@ gboolean ssl_init_socket(SockInfo *sockinfo)
                            sockinfo->gnutls_priority, r);
        }
        else {
-               gnutls_priority_set_direct(session, "NORMAL", NULL);
+               gnutls_priority_set_direct(session, "NORMAL:-VERS-SSL3.0", NULL);
        }
        gnutls_record_disable_padding(session);