| remote.c (8d8f1862) | remote.c (3c667526) |
|---|---|
| 1/* 2 * remote.c - remote control for the NSD daemon. 3 * 4 * Copyright (c) 2008, NLnet Labs. All rights reserved. 5 * 6 * This software is open source. 7 * 8 * Redistribution and use in source and binary forms, with or without --- 249 unchanged lines hidden (view full) --- 258 259 rc->ctx = SSL_CTX_new(SSLv23_server_method()); 260 if(!rc->ctx) { 261 log_crypto_err("could not SSL_CTX_new"); 262 free(rc); 263 return NULL; 264 } 265 /* no SSLv2, SSLv3 because has defects */ | 1/* 2 * remote.c - remote control for the NSD daemon. 3 * 4 * Copyright (c) 2008, NLnet Labs. All rights reserved. 5 * 6 * This software is open source. 7 * 8 * Redistribution and use in source and binary forms, with or without --- 249 unchanged lines hidden (view full) --- 258 259 rc->ctx = SSL_CTX_new(SSLv23_server_method()); 260 if(!rc->ctx) { 261 log_crypto_err("could not SSL_CTX_new"); 262 free(rc); 263 return NULL; 264 } 265 /* no SSLv2, SSLv3 because has defects */ |
| 266 if(!(SSL_CTX_set_options(rc->ctx, SSL_OP_NO_SSLv2) & SSL_OP_NO_SSLv2)){ | 266 if((SSL_CTX_set_options(rc->ctx, SSL_OP_NO_SSLv2) & SSL_OP_NO_SSLv2) 267 != SSL_OP_NO_SSLv2){ |
| 267 log_crypto_err("could not set SSL_OP_NO_SSLv2"); 268 daemon_remote_delete(rc); 269 return NULL; 270 } | 268 log_crypto_err("could not set SSL_OP_NO_SSLv2"); 269 daemon_remote_delete(rc); 270 return NULL; 271 } |
| 271 if(!(SSL_CTX_set_options(rc->ctx, SSL_OP_NO_SSLv3) & SSL_OP_NO_SSLv3)){ | 272 if((SSL_CTX_set_options(rc->ctx, SSL_OP_NO_SSLv3) & SSL_OP_NO_SSLv3) 273 != SSL_OP_NO_SSLv3){ |
| 272 log_crypto_err("could not set SSL_OP_NO_SSLv3"); 273 daemon_remote_delete(rc); 274 return NULL; 275 } 276 s_cert = cfg->server_cert_file; 277 s_key = cfg->server_key_file; 278 VERBOSITY(2, (LOG_INFO, "setup SSL certificates")); 279 if (!SSL_CTX_use_certificate_file(rc->ctx,s_cert,SSL_FILETYPE_PEM)) { --- 1882 unchanged lines hidden --- | 274 log_crypto_err("could not set SSL_OP_NO_SSLv3"); 275 daemon_remote_delete(rc); 276 return NULL; 277 } 278 s_cert = cfg->server_cert_file; 279 s_key = cfg->server_key_file; 280 VERBOSITY(2, (LOG_INFO, "setup SSL certificates")); 281 if (!SSL_CTX_use_certificate_file(rc->ctx,s_cert,SSL_FILETYPE_PEM)) { --- 1882 unchanged lines hidden --- |