[
https://issues.apache.org/jira/browse/TS-3135?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Leif Hedstrom updated TS-3135:
------------------------------
Fix Version/s: 5.2.0
> Disable SSLv3 by default
> ------------------------
>
> Key: TS-3135
> URL: https://issues.apache.org/jira/browse/TS-3135
> Project: Traffic Server
> Issue Type: Improvement
> Components: Security, SSL
> Reporter: Leif Hedstrom
> Assignee: Leif Hedstrom
> Fix For: 5.2.0
>
>
> In response to
> http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html
> we should consider changing the default in RecordsConfig.cc:
> {code}
> gmt/RecordsConfig.cc b/mgmt/RecordsConfig.cc
> index 0146cf9..2f78e31 100644
> --- a/mgmt/RecordsConfig.cc
> +++ b/mgmt/RecordsConfig.cc
> @@ -1224,7 +1224,7 @@ RecordElement RecordsConfig[] = {
> ,
> {RECT_CONFIG, "proxy.config.ssl.SSLv2", RECD_INT, "0", RECU_RESTART_TS,
> RR_NULL, RECC_INT, "[0-1]", RECA_NULL}
> ,
> - {RECT_CONFIG, "proxy.config.ssl.SSLv3", RECD_INT, "1", RECU_RESTART_TS,
> RR_NULL, RECC_INT, "[0-1]", RECA_NULL}
> + {RECT_CONFIG, "proxy.config.ssl.SSLv3", RECD_INT, "0", RECU_RESTART_TS,
> RR_NULL, RECC_INT, "[0-1]", RECA_NULL}
> ,
> {RECT_CONFIG, "proxy.config.ssl.TLSv1", RECD_INT, "1", RECU_RESTART_TS,
> RR_NULL, RECC_INT, "[0-1]", RECA_NULL}
> ,
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
