Skip to content
Snippets Groups Projects
Commit baa9fcf8 authored by Seva's avatar Seva Committed by Adrien Béraud
Browse files

dhtproxy: disable renegotiation only if supported

parent 04a383c4
Branches
Tags
No related merge requests found
Show whitespace changes
Inline Side-by-side
src/dht_proxy_server.cpp
+ 2
0
View file @ baa9fcf8
...@@ -230,7 +230,9 @@ DhtProxyServer::DhtProxyServer( ...@@ -230,7 +230,9 @@ DhtProxyServer::DhtProxyServer(
if (ec) if (ec)
throw std::runtime_error("Error setting tls context options: " + ec.message()); throw std::runtime_error("Error setting tls context options: " + ec.message());
// add more security options // add more security options
#ifdef SSL_OP_NO_RENEGOTIATION
SSL_CTX_set_options(tls_context.native_handle(), SSL_OP_NO_RENEGOTIATION); // CVE-2009-3555 SSL_CTX_set_options(tls_context.native_handle(), SSL_OP_NO_RENEGOTIATION); // CVE-2009-3555
#endif
// node private key // node private key
auto pk = identity.first->serialize(); auto pk = identity.first->serialize();
pk_ = std::make_unique<asio::const_buffer>(static_cast<void*>(pk.data()), (std::size_t) pk.size()); pk_ = std::make_unique<asio::const_buffer>(static_cast<void*>(pk.data()), (std::size_t) pk.size());
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment