tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #7248 from Icinga/bugfix/ecc-cipher-loading-el7 

SSL Context: Explicitly load ECC ciphers on el7
This commit is contained in:
Michael Friedrich 2019-06-18 16:42:42 +02:00 committed by GitHub
parent 8b5ebe9aa1 9c92368774
commit ad3a78c3a2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
lib/base/tlsutility.cpp
View File

@ -73,6 +73,9 @@ static void SetupSslContext(SSL_CTX *sslContext, const String& pubkey, const Str
SSL_CTX_set_mode(sslContext, SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
SSL_CTX_set_session_id_context(sslContext, (const unsigned char *)"Icinga 2", 8);
// Explicitly load ECC ciphers, required on el7 - https://github.com/Icinga/icinga2/issues/7247
SSL_CTX_set_ecdh_auto(sslContext, 1);
if (!pubkey.IsEmpty()) {
if (!SSL_CTX_use_certificate_chain_file(sslContext, pubkey.CStr())) {
Log(LogCritical, "SSL")