disable SSL compression

To avoid CRIME attacks: http://en.wikipedia.org/wiki/CRIME_%28security_exploit%29 http://en.wikipedia.org/wiki/CRIME_%28security_exploit%29http://en.wikipedia.org/wiki/CRIME_%28security_exploit%29# with '#' will be ignored, and an empty message aborts the commit.

disable SSL compression
To avoid CRIME attacks: http://en.wikipedia.org/wiki/CRIME_%28security_exploit%29 http://en.wikipedia.org/wiki/CRIME_%28security_exploit%29http://en.wikipedia.org/wiki/CRIME_%28security_exploit%29# with '#' will be ignored, and an empty message aborts the commit.
c7ec89a4 · Dietmar Maurer · fc0030d6 · c7ec89a4
Commit c7ec89a4 authored Sep 17, 2013 by Dietmar Maurer
Show whitespace changes
Inline Side-by-side

Showing with 2 additions and 0 deletions

HTTPServer.pm PVE/HTTPServer.pm +2 -0

No files found.
--- a/PVE/HTTPServer.pm
+++ b/PVE/HTTPServer.pm
@@ -13,6 +13,7 @@ use Digest::MD5;
 use AnyEvent::Util qw(guard fh_nonblocking WSAEWOULDBLOCK WSAEINPROGRESS);
 use AnyEvent::Socket;
 use AnyEvent::Handle;
+use Net::SSLeay;
 use AnyEvent::TLS;
 use AnyEvent::IO;
 use AnyEvent::HTTP;
@@ -1304,6 +1305,7 @@ sub new {

    if ($self->{ssl}) {
 	$self->{tls_ctx} = AnyEvent::TLS->new(%{$self->{ssl}});
+	Net::SSLeay::CTX_set_options($self->{tls_ctx}->{ctx}, &Net::SSLeay::OP_NO_COMPRESSION);
    }

    if ($self->{spiceproxy}) {