diff options
| author | Attila Molnar <attilamolnar@hush.com> | 2015-03-11 23:53:10 +0100 |
|---|---|---|
| committer | Attila Molnar <attilamolnar@hush.com> | 2015-03-12 19:35:07 +0100 |
| commit | 1bee18fcf4fef8122d4b7f0872497e0a15bc8d53 (patch) | |
| tree | 047795b0665e1270802f998901b217eae091381d /modules/extra/m_ssl_openssl.cpp | |
| parent | a57e41304f80ed332912115a22b08fde03bda893 (diff) | |
m_ssl_openssl: Allow disabling SSLv3 via the config
Diffstat (limited to 'modules/extra/m_ssl_openssl.cpp')
| -rw-r--r-- | modules/extra/m_ssl_openssl.cpp | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/modules/extra/m_ssl_openssl.cpp b/modules/extra/m_ssl_openssl.cpp index 67ab6164c..c26c63655 100644 --- a/modules/extra/m_ssl_openssl.cpp +++ b/modules/extra/m_ssl_openssl.cpp @@ -162,6 +162,20 @@ class SSLModule : public Module Log() << "Unable to open private key " << this->keyfile; } + // Allow disabling SSLv3 + if (!config->Get<Anope::string>("sslv3").empty()) + { + if (config->Get<bool>("sslv3")) + { + SSL_CTX_clear_options(client_ctx, SSL_OP_NO_SSLv3); + SSL_CTX_clear_options(server_ctx, SSL_OP_NO_SSLv3); + } + else + { + SSL_CTX_set_options(client_ctx, SSL_OP_NO_SSLv3); + SSL_CTX_set_options(server_ctx, SSL_OP_NO_SSLv3); + } + } } void OnPreServerConnect() anope_override |