Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Changes In Branch disable-sslv3 Excluding Merge-Ins
This is equivalent to a diff from 87185aa5dd to 06455d1e95
|
2014-12-18
| ||
| 15:40 | Disable the use of SSLv2 and SSLv3. Require TLS for HTTPS for security. ... (check-in: 7a44fddd3f user: drh tags: trunk) | |
| 15:28 | Tweaks to the default CSS for the /fileage page. ... (check-in: 64ae69e172 user: drh tags: trunk) | |
| 10:21 | Merge trunk. On MinGW, build openssl library without ssl2 and ssl3 support. ... (Closed-Leaf check-in: 06455d1e95 user: jan.nijtmans tags: disable-sslv3) | |
| 09:38 | Update custom Makefile ... (check-in: 87185aa5dd user: jan.nijtmans tags: trunk) | |
| 08:17 | Merge trunk. Disable SSLv3 without setting to re-enabled it. ... (check-in: d6e8e26d41 user: jan.nijtmans tags: disable-sslv3) | |
|
2014-12-17
| ||
| 21:13 | Report file ages as positive rather than negative values, even though the events occur back in time (in the negative direction). Users find negative values confusing. ... (check-in: 6e29ebbb77 user: drh tags: trunk) | |
Changes to src/http_ssl.c.
| ︙ | ︙ | |||
97 98 99 100 101 102 103 |
if( sslIsInit==0 ){
SSL_library_init();
SSL_load_error_strings();
ERR_load_BIO_strings();
OpenSSL_add_all_algorithms();
sslCtx = SSL_CTX_new(SSLv23_client_method());
| | | | 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 |
if( sslIsInit==0 ){
SSL_library_init();
SSL_load_error_strings();
ERR_load_BIO_strings();
OpenSSL_add_all_algorithms();
sslCtx = SSL_CTX_new(SSLv23_client_method());
/* Disable SSLv2 and SSLv3 */
SSL_CTX_set_options(sslCtx, SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3);
/* Set up acceptable CA root certificates */
zCaSetting = db_get("ssl-ca-location", 0);
if( zCaSetting==0 || zCaSetting[0]=='\0' ){
/* CA location not specified, use platform's default certificate store */
X509_STORE_set_default_paths(SSL_CTX_get_cert_store(sslCtx));
}else{
|
| ︙ | ︙ |
Changes to src/makemake.tcl.
| ︙ | ︙ | |||
546 547 548 549 550 551 552 553 554 555 556 557 558 559 | endif else SSLCONFIG = mingw64 ZLIBCONFIG = LIBTARGETS = endif ifndef FOSSIL_ENABLE_MINIZ SSLCONFIG += --with-zlib-lib=$(PWD)/$(ZLIBDIR) --with-zlib-include=$(PWD)/$(ZLIBDIR) zlib endif #### The directories where the OpenSSL include and library files are located. # The recommended usage here is to use the Sysinternals junction tool # to create a hard link between an "openssl-1.x" sub-directory of the | > | 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 | endif else SSLCONFIG = mingw64 ZLIBCONFIG = LIBTARGETS = endif SSLCONFIG += no-ssl2 no-ssl3 no-shared ifndef FOSSIL_ENABLE_MINIZ SSLCONFIG += --with-zlib-lib=$(PWD)/$(ZLIBDIR) --with-zlib-include=$(PWD)/$(ZLIBDIR) zlib endif #### The directories where the OpenSSL include and library files are located. # The recommended usage here is to use the Sysinternals junction tool # to create a hard link between an "openssl-1.x" sub-directory of the |
| ︙ | ︙ |
Changes to win/Makefile.mingw.
| ︙ | ︙ | |||
119 120 121 122 123 124 125 126 127 128 129 130 131 132 | endif else SSLCONFIG = mingw64 ZLIBCONFIG = LIBTARGETS = endif ifndef FOSSIL_ENABLE_MINIZ SSLCONFIG += --with-zlib-lib=$(PWD)/$(ZLIBDIR) --with-zlib-include=$(PWD)/$(ZLIBDIR) zlib endif #### The directories where the OpenSSL include and library files are located. # The recommended usage here is to use the Sysinternals junction tool # to create a hard link between an "openssl-1.x" sub-directory of the | > | 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 | endif else SSLCONFIG = mingw64 ZLIBCONFIG = LIBTARGETS = endif SSLCONFIG += no-ssl2 no-ssl3 no-shared ifndef FOSSIL_ENABLE_MINIZ SSLCONFIG += --with-zlib-lib=$(PWD)/$(ZLIBDIR) --with-zlib-include=$(PWD)/$(ZLIBDIR) zlib endif #### The directories where the OpenSSL include and library files are located. # The recommended usage here is to use the Sysinternals junction tool # to create a hard link between an "openssl-1.x" sub-directory of the |
| ︙ | ︙ |
Changes to win/Makefile.mingw.mistachkin.
| ︙ | ︙ | |||
119 120 121 122 123 124 125 126 127 128 129 130 131 132 | endif else SSLCONFIG = mingw64 ZLIBCONFIG = LIBTARGETS = endif ifndef FOSSIL_ENABLE_MINIZ SSLCONFIG += --with-zlib-lib=$(PWD)/$(ZLIBDIR) --with-zlib-include=$(PWD)/$(ZLIBDIR) zlib endif #### The directories where the OpenSSL include and library files are located. # The recommended usage here is to use the Sysinternals junction tool # to create a hard link between an "openssl-1.x" sub-directory of the | > | 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 | endif else SSLCONFIG = mingw64 ZLIBCONFIG = LIBTARGETS = endif SSLCONFIG += no-ssl2 no-ssl3 no-shared ifndef FOSSIL_ENABLE_MINIZ SSLCONFIG += --with-zlib-lib=$(PWD)/$(ZLIBDIR) --with-zlib-include=$(PWD)/$(ZLIBDIR) zlib endif #### The directories where the OpenSSL include and library files are located. # The recommended usage here is to use the Sysinternals junction tool # to create a hard link between an "openssl-1.x" sub-directory of the |
| ︙ | ︙ |