[icinga-checkins] icinga.org: icinga2/master: Revert " Support TLSv1.1 and TLSv1.2 for the cluster transport encryption"

git at icinga.org git at icinga.org
Wed May 25 16:07:25 CEST 2016


Module: icinga2
Branch: master
Commit: 6d8b051c9e6dd432ad247ffa5c8ce4475999b496
URL:    https://git.icinga.org/?p=icinga2.git;a=commit;h=6d8b051c9e6dd432ad247ffa5c8ce4475999b496

Author: Michael Friedrich <michael.friedrich at netways.de>
Date:   Wed May 25 16:07:15 2016 +0200

Revert "Support TLSv1.1 and TLSv1.2 for the cluster transport encryption"

This reverts commit 1c67bf394cbcc92e103e1c35e4a3b8ee23e8c1bd.

---

 lib/base/tlsutility.cpp |    4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/lib/base/tlsutility.cpp b/lib/base/tlsutility.cpp
index 4a18e33..2bdea48 100644
--- a/lib/base/tlsutility.cpp
+++ b/lib/base/tlsutility.cpp
@@ -83,9 +83,7 @@ boost::shared_ptr<SSL_CTX> MakeSSLContext(const String& pubkey, const String& pr
 
 	InitializeOpenSSL();
 
-	boost::shared_ptr<SSL_CTX> sslContext = boost::shared_ptr<SSL_CTX>(SSL_CTX_new(SSLv23_method()), SSL_CTX_free);
-
-	SSL_CTX_set_options(sslContext.get(), SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION);
+	boost::shared_ptr<SSL_CTX> sslContext = boost::shared_ptr<SSL_CTX>(SSL_CTX_new(TLSv1_method()), SSL_CTX_free);
 
 	SSL_CTX_set_mode(sslContext.get(), SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
 	SSL_CTX_set_session_id_context(sslContext.get(), (const unsigned char *)"Icinga 2", 8);



More information about the icinga-checkins mailing list