mirror of
https://github.com/servo/servo.git
synced 2025-08-03 20:50:07 +01:00
Auto merge of #12035 - alex:patch-1, r=frewsxcv
Disable TLS compression <!-- Please describe your changes on the following line: --> --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [x] `./mach build -d` does not report any errors - [x] `./mach test-tidy` does not report any errors - [ ] These changes fix #__ (github issue number if applicable). <!-- Either: --> - [ ] There are tests for these changes OR - [ ] These changes do not require tests because _____ <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> This prevents the CRIME attack. <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="35" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/12035) <!-- Reviewable:end -->
This commit is contained in:
commit
f2d798232f
1 changed files with 2 additions and 2 deletions
|
@ -4,7 +4,7 @@
|
|||
|
||||
use hyper::client::Pool;
|
||||
use hyper::net::{HttpStream, HttpsConnector, SslClient};
|
||||
use openssl::ssl::{SSL_OP_NO_SSLV2, SSL_OP_NO_SSLV3, SSL_VERIFY_PEER};
|
||||
use openssl::ssl::{SSL_OP_NO_COMPRESSION, SSL_OP_NO_SSLV2, SSL_OP_NO_SSLV3, SSL_VERIFY_PEER};
|
||||
use openssl::ssl::{Ssl, SslContext, SslMethod, SslStream};
|
||||
use std::sync::Arc;
|
||||
use util::resource_files::resources_dir_path;
|
||||
|
@ -31,7 +31,7 @@ pub fn create_http_connector() -> Arc<Pool<Connector>> {
|
|||
let mut context = SslContext::new(SslMethod::Sslv23).unwrap();
|
||||
context.set_CA_file(&resources_dir_path().join("certs")).unwrap();
|
||||
context.set_cipher_list(DEFAULT_CIPHERS).unwrap();
|
||||
context.set_options(SSL_OP_NO_SSLV2 | SSL_OP_NO_SSLV3);
|
||||
context.set_options(SSL_OP_NO_SSLV2 | SSL_OP_NO_SSLV3 | SSL_OP_NO_COMPRESSION);
|
||||
let connector = HttpsConnector::new(ServoSslClient {
|
||||
context: Arc::new(context)
|
||||
});
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue