Browse Source

[mod_gnutls] fix beast workaround (force RC4 on TLS1.0 and SSL3.0)

personal/stbuehler/wip
Stefan Bühler 9 years ago
parent
commit
c49cf3696f
  1. 4
      src/modules/mod_gnutls.c

4
src/modules/mod_gnutls.c

@ -412,9 +412,9 @@ static gboolean gnutls_setup(liServer *srv, liPlugin* p, liValue *val, gpointer
if (protect_against_beast) {
g_string_assign(s, priority);
g_string_append_len(s, CONST_STR_LEN(":-CIPHER-ALL:+ARCFOUR-128"));
if (GNUTLS_E_SUCCESS != (r = gnutls_priority_init(&prio, priority, &errpos))) {
if (GNUTLS_E_SUCCESS != (r = gnutls_priority_init(&prio, s->str, &errpos))) {
ERROR(srv, "gnutls_priority_init failed(priority '%s', error at '%s') (%s): %s",
priority, errpos,
s->str, errpos,
gnutls_strerror_name(r), gnutls_strerror(r));
goto error_free_ctx;
}

Loading…
Cancel
Save