From 6079042ccefe7d93cf6a09007c068aa0c9a8978c Mon Sep 17 00:00:00 2001 From: Martijn Otto Date: Wed, 11 Mar 2020 09:28:02 +0100 Subject: Use boost::asio::ssl::context::sslv23 for backwards compatibility All the insecure protocols that this enables are then disabled, so they cannot be actually used. The end-result is the same. --- contrib/epee/src/net_ssl.cpp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'contrib/epee') diff --git a/contrib/epee/src/net_ssl.cpp b/contrib/epee/src/net_ssl.cpp index 946499129..d7bb62049 100644 --- a/contrib/epee/src/net_ssl.cpp +++ b/contrib/epee/src/net_ssl.cpp @@ -289,7 +289,9 @@ ssl_options_t::ssl_options_t(std::vector> fingerprints boost::asio::ssl::context ssl_options_t::create_context() const { - boost::asio::ssl::context ssl_context{boost::asio::ssl::context::tls}; + // note: this enables a lot of old and insecure protocols, which we + // promptly disable below - if the result is actually used + boost::asio::ssl::context ssl_context{boost::asio::ssl::context::sslv23}; if (!bool(*this)) return ssl_context; -- cgit v1.2.3