diff options
| author | Zachary Scott <e@zzak.io> | 2015-10-13 20:48:30 +0900 |
|---|---|---|
| committer | Zachary Scott <e@zzak.io> | 2015-10-13 20:48:30 +0900 |
| commit | 908a62cc0cff25f1861fcb69b70e10a31590e3d2 (patch) | |
| tree | e53126260206faa330476cc47439c2f44894e7f8 /lib | |
| parent | a504359950f86f96ef2477920b56027f5b7f4fb2 (diff) | |
| download | ruby-openssl-908a62cc0cff25f1861fcb69b70e10a31590e3d2.tar.gz | |
Revert "Prefer TLS v1.2 to follow "secure defaults" and disable TLS v1.0 and v1.1"
This reverts commit a504359950f86f96ef2477920b56027f5b7f4fb2.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/openssl/ssl.rb | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/lib/openssl/ssl.rb b/lib/openssl/ssl.rb index 308152e5..ed19e09a 100644 --- a/lib/openssl/ssl.rb +++ b/lib/openssl/ssl.rb @@ -16,7 +16,7 @@ module OpenSSL module SSL class SSLContext DEFAULT_PARAMS = { - :ssl_version => "TLSv1_2", + :ssl_version => "SSLv23", :verify_mode => OpenSSL::SSL::VERIFY_PEER, :ciphers => %w{ ECDHE-ECDSA-AES128-GCM-SHA256 @@ -59,7 +59,6 @@ module OpenSSL opts |= OpenSSL::SSL::OP_NO_COMPRESSION if defined?(OpenSSL::SSL::OP_NO_COMPRESSION) opts |= OpenSSL::SSL::OP_NO_SSLv2 if defined?(OpenSSL::SSL::OP_NO_SSLv2) opts |= OpenSSL::SSL::OP_NO_SSLv3 if defined?(OpenSSL::SSL::OP_NO_SSLv3) - opts |= OpenSSL::SSL::OP_NO_TLSv1 if defined?(OpenSSL::SSL::OP_NO_TLSv1) opts }.call } |