mirror of
https://repo.or.cz/socat.git
synced 2024-12-23 07:52:32 +00:00
Red Hat issue 1019964: socat now uses the system certificate store
This commit is contained in:
parent
78497ff3c7
commit
066dac0812
2 changed files with 5 additions and 1 deletions
4
CHANGES
4
CHANGES
|
@ -32,6 +32,10 @@ security:
|
||||||
Red Hat issue 1019964: socat now uses the system certificate store with
|
Red Hat issue 1019964: socat now uses the system certificate store with
|
||||||
OPENSSL when neither options cafile nor capath are used
|
OPENSSL when neither options cafile nor capath are used
|
||||||
|
|
||||||
|
Red Hat issue 1019972: needs to specify OpenSSL cipher suites
|
||||||
|
Default cipherlist is now "HIGH:-NULL:-PSK:-aNULL" instead of empty to
|
||||||
|
prevent downgrade attacks
|
||||||
|
|
||||||
corrections:
|
corrections:
|
||||||
LISTEN based addresses applied some address options, e.g. so-keepalive,
|
LISTEN based addresses applied some address options, e.g. so-keepalive,
|
||||||
to the listening file descriptor instead of the connected file
|
to the listening file descriptor instead of the connected file
|
||||||
|
|
|
@ -852,7 +852,7 @@ int
|
||||||
bool opt_fips = false;
|
bool opt_fips = false;
|
||||||
const SSL_METHOD *method;
|
const SSL_METHOD *method;
|
||||||
char *me_str = NULL; /* method string */
|
char *me_str = NULL; /* method string */
|
||||||
char *ci_str = NULL; /* cipher string */
|
char *ci_str = "HIGH:-NULL:-PSK:-aNULL"; /* cipher string */
|
||||||
char *opt_key = NULL; /* file name of client private key */
|
char *opt_key = NULL; /* file name of client private key */
|
||||||
char *opt_dhparam = NULL; /* file name of DH params */
|
char *opt_dhparam = NULL; /* file name of DH params */
|
||||||
char *opt_cafile = NULL; /* certificate authority file */
|
char *opt_cafile = NULL; /* certificate authority file */
|
||||||
|
|
Loading…
Reference in a new issue