aboutsummaryrefslogtreecommitdiff
path: root/contrib/epee/src/net_ssl.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/epee/src/net_ssl.cpp')
-rw-r--r--contrib/epee/src/net_ssl.cpp8
1 files changed, 5 insertions, 3 deletions
diff --git a/contrib/epee/src/net_ssl.cpp b/contrib/epee/src/net_ssl.cpp
index 946499129..2cf9ea2b6 100644
--- a/contrib/epee/src/net_ssl.cpp
+++ b/contrib/epee/src/net_ssl.cpp
@@ -128,7 +128,7 @@ namespace net_utils
// https://stackoverflow.com/questions/256405/programmatically-create-x509-certificate-using-openssl
bool create_rsa_ssl_certificate(EVP_PKEY *&pkey, X509 *&cert)
{
- MGINFO("Generating SSL certificate");
+ MINFO("Generating SSL certificate");
pkey = EVP_PKEY_new();
if (!pkey)
{
@@ -198,7 +198,7 @@ bool create_rsa_ssl_certificate(EVP_PKEY *&pkey, X509 *&cert)
bool create_ec_ssl_certificate(EVP_PKEY *&pkey, X509 *&cert, int type)
{
- MGINFO("Generating SSL certificate");
+ MINFO("Generating SSL certificate");
pkey = EVP_PKEY_new();
if (!pkey)
{
@@ -289,7 +289,9 @@ ssl_options_t::ssl_options_t(std::vector<std::vector<std::uint8_t>> fingerprints
boost::asio::ssl::context ssl_options_t::create_context() const
{
- boost::asio::ssl::context ssl_context{boost::asio::ssl::context::tls};
+ // note: this enables a lot of old and insecure protocols, which we
+ // promptly disable below - if the result is actually used
+ boost::asio::ssl::context ssl_context{boost::asio::ssl::context::sslv23};
if (!bool(*this))
return ssl_context;
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-09 21:10:21 +0000