Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ssl unsafe ciphers protocols #140

Merged
merged 3 commits into from
Oct 16, 2014
Merged

Ssl unsafe ciphers protocols #140

merged 3 commits into from
Oct 16, 2014

Conversation

mworrell
Copy link
Contributor

These are a couple of fixes from the Zotonic branch of Mochiweb:

  • Add timeouts to the connect to prevent DoS by opening a connection and not doing anything
  • Prevent using ECDH cipher in R16B because it is broken
  • For default SSL connections, remove usage of sslv3 and not-so-secure ciphers.

@mworrell mworrell mentioned this pull request Oct 15, 2014
Closed
@arjan arjan mentioned this pull request Oct 15, 2014
Closed
etrepum added a commit that referenced this pull request Oct 16, 2014
@etrepum
Merge pull request #140 from mworrell/ssl-unsafe-ciphers-protocols
71a89f3 
Ssl unsafe ciphers protocols
@etrepum etrepum merged commit 71a89f3 into mochi:master Oct 16, 2014
@etrepum
Copy link
Member

etrepum commented Oct 16, 2014

Thank you!

etrepum added a commit that referenced this pull request Oct 16, 2014
@etrepum
update CHANGES and README for v2.9.2 #140
66a6535
@mworrell
Copy link
Contributor Author

And thank you too!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mworrell @etrepum @AtillaE