[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor/release-0.2.2] Log at info level when disabling SSLv3

To: tor-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [tor/release-0.2.2] Log at info level when disabling SSLv3
From: arma@xxxxxxxxxxxxxx
Date: Thu, 5 Jan 2012 23:28:43 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 05 Jan 2012 18:29:17 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-commits>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: code repository commits <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
Patch-author: Robert Ransom <rransom.8774@xxxxxxxxx>
Sender: tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx

commit 4752b348793f599cbdc93d0503d18def03e45c7a
Author: Robert Ransom <rransom.8774@xxxxxxxxx>
Date:   Wed Jan 4 20:41:28 2012 -0800

    Log at info level when disabling SSLv3
---
 src/common/tortls.c |    6 ++++++
 1 files changed, 6 insertions(+), 0 deletions(-)

diff --git a/src/common/tortls.c b/src/common/tortls.c
index 22b0e31..d88a59b 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -771,6 +771,12 @@ tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime,
       (SSLeay() >= 0x00909000L &&
        SSLeay() <  0x1000006fL)) {
     /* And not SSL3 if it's subject to CVE-2011-4657. */
+    log_info(LD_NET, "Disabling SSLv3 because this OpenSSL version "
+             "might otherwise be vulnerable to CVE-2011-4657 "
+             "(compile-time version %08lx (%s); "
+             "runtime version %08lx (%s))",
+             OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT,
+             SSLeay(), SSLeay_version(SSLEAY_VERSION));
     SSL_CTX_set_options(result->ctx, SSL_OP_NO_SSLv3);
   }
 



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Prev by Author: [tor-commits] [tor/release-0.2.2] Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
Next by Author: [tor-commits] [tor/release-0.2.2] Merge branch 'maint-0.2.2' into release-0.2.2
Previous by thread: [tor-commits] [tor/release-0.2.2] Merge branch 'bug4822_021_v2_squashed' into maint-0.2.1
Next by thread: [tor-commits] [tor/release-0.2.2] fold in the next 0.2.2 changes
Index(es):
- Author
- Thread