mirror of
https://github.com/moparisthebest/socat
synced 2024-12-21 14:38:48 -05:00
Red Hat issue 1019972: needs to specify OpenSSL cipher suites
This commit is contained in:
parent
d4c44ff649
commit
899bc6845d
4
CHANGES
4
CHANGES
@ -32,6 +32,10 @@ security:
|
||||
Red Hat issue 1019964: socat now uses the system certificate store with
|
||||
OPENSSL when neither options cafile nor capath are used
|
||||
|
||||
Red Hat issue 1019972: needs to specify OpenSSL cipher suites
|
||||
Default cipherlist is now "HIGH:-NULL:-PSK:-aNULL" instead of empty to
|
||||
prevent downgrade attacks
|
||||
|
||||
new features:
|
||||
OpenSSL addresses set couple of environment variables from values in
|
||||
peer certificate, e.g.:
|
||||
|
@ -717,7 +717,7 @@ int
|
||||
bool opt_fips = false;
|
||||
const SSL_METHOD *method;
|
||||
char *me_str = NULL; /* method string */
|
||||
char *ci_str = NULL; /* cipher string */
|
||||
char *ci_str = "HIGH:-NULL:-PSK:-aNULL"; /* cipher string */
|
||||
char *opt_key = NULL; /* file name of client private key */
|
||||
char *opt_dhparam = NULL; /* file name of DH params */
|
||||
char *opt_cafile = NULL; /* certificate authority file */
|
||||
|
Loading…
Reference in New Issue
Block a user