Project

General

Profile

« Previous | Next » 

Revision 48110

merge revision(s) 45274,45278,45280,48097: [Backport #9424]

* lib/openssl/ssl.rb: Explicitly whitelist the default
  SSL/TLS ciphers. Forbid SSLv2 and SSLv3, disable
  compression by default.
  Reported by Jeff Hodges.
  [ruby-core:59829] [Bug #9424]

* test/openssl/test_ssl.rb: Reuse TLS default options from
  OpenSSL::SSL::SSLContext::DEFAULT_PARAMS.

* ext/openssl/lib/openssl/ssl.rb (DEFAULT_PARAMS): override
  options even if OpenSSL::SSL::OP_NO_SSLv3 is not defined.
  this is pointed out by Stephen Touset. [ruby-core:65711] [Bug #9424]