Skip to content

P
pve-manager
Commit c7ec89a4 authored by Dietmar Maurer's avatar Dietmar Maurer
Browse files
Options

disable SSL compression 

To avoid CRIME attacks:

http://en.wikipedia.org/wiki/CRIME_%28security_exploit%29

http://en.wikipedia.org/wiki/CRIME_%28security_exploit%29http://en.wikipedia.org/wiki/CRIME_%28security_exploit%29# with '#' will be ignored, and an empty message aborts the commit.
parent fc0030d6
Hide whitespace changes
Inline Side-by-side
Showing with 2 additions and 0 deletions
PVE/HTTPServer.pm
View file @ c7ec89a4
...@@ -13,6 +13,7 @@ use Digest::MD5; ...@@ -13,6 +13,7 @@ use Digest::MD5;
use AnyEvent::Util qw(guard fh_nonblocking WSAEWOULDBLOCK WSAEINPROGRESS); use AnyEvent::Util qw(guard fh_nonblocking WSAEWOULDBLOCK WSAEINPROGRESS);
use AnyEvent::Socket; use AnyEvent::Socket;
use AnyEvent::Handle; use AnyEvent::Handle;
use Net::SSLeay;
use AnyEvent::TLS; use AnyEvent::TLS;
use AnyEvent::IO; use AnyEvent::IO;
use AnyEvent::HTTP; use AnyEvent::HTTP;
...@@ -1304,6 +1305,7 @@ sub new { ...@@ -1304,6 +1305,7 @@ sub new {
if ($self->{ssl}) { if ($self->{ssl}) {
$self->{tls_ctx} = AnyEvent::TLS->new(%{$self->{ssl}}); $self->{tls_ctx} = AnyEvent::TLS->new(%{$self->{ssl}});
Net::SSLeay::CTX_set_options($self->{tls_ctx}->{ctx}, &Net::SSLeay::OP_NO_COMPRESSION);
} }
if ($self->{spiceproxy}) { if ($self->{spiceproxy}) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023