Project

General

Profile

Bug #9424 ยป ruby_ssl.patch

jmhodges (Jeff Hodges), 01/17/2014 10:28 AM

View differences:

ext/openssl/lib/openssl/ssl.rb
20 20
module OpenSSL
21 21
  module SSL
22 22
    class SSLContext
23
      options = OpenSSL::SSL::OP_ALL
24
      if defined?(OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS)
25
        options &= ~OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS
26
      end
27
      if defined?(OpenSSL::SSL::OP_NO_COMPRESSION)
28
        options |= OpenSSL::SSL::OP_NO_COMPRESSION
29
      end
23 30
      DEFAULT_PARAMS = {
24 31
        :ssl_version => "SSLv23",
25 32
        :verify_mode => OpenSSL::SSL::VERIFY_PEER,
26
        :ciphers => "ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW",
27
        :options => defined?(OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS) ?
28
          OpenSSL::SSL::OP_ALL & ~OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS :
29
          OpenSSL::SSL::OP_ALL,
33
        :ciphers => "DEFAULT:!aNULL:!eNULL:!LOW:!EXPORT:!SSLv2",
34
        :options => options,
30 35
      }
31 36
      DEFAULT_CERT_STORE = OpenSSL::X509::Store.new