[WebUI] Security update for POODLE vulnerability

WebUI with HTTPS enabled is vulnerable to POODLE (CVE-2014-3566), so switch from SSLv3 to TLSv1.
author: Calum Lind <calumlind+deluge@gmail.com> 2014-10-15 18:44:02 +0100
committer: Calum Lind <calumlind+deluge@gmail.com> 2014-10-15 18:44:11 +0100
commit: 26f5be17609a8312c4ba06aa120ed208cd7876f2 (patch)
tree: 976876c3e2ee4a8774f0f6bf44f1f7d67f01e239
parent: d3f47097c1e74d5a6a69b808fcd695994a79ce44 (diff)
download: deluge-26f5be17609a8312c4ba06aa120ed208cd7876f2.tar.gz
deluge-26f5be17609a8312c4ba06aa120ed208cd7876f2.tar.bz2
deluge-26f5be17609a8312c4ba06aa120ed208cd7876f2.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/deluge/ui/web/server.py b/deluge/ui/web/server.py
index 07f9222af..ede561f91 100644
--- a/deluge/ui/web/server.py
+++ b/deluge/ui/web/server.py
@@ -584,7 +584,7 @@ class ServerContextFactory:
 
     def getContext(self):
         """Creates an SSL context."""
-        ctx = SSL.Context(SSL.SSLv3_METHOD)
+        ctx = SSL.Context(SSL.TLSv1_METHOD)
         deluge_web = component.get("DelugeWeb")
         log.debug("Enabling SSL using:")
         log.debug("Pkey: %s", deluge_web.pkey)
author	Calum Lind <calumlind+deluge@gmail.com>	2014-10-15 18:44:02 +0100
committer	Calum Lind <calumlind+deluge@gmail.com>	2014-10-15 18:44:11 +0100
commit	26f5be17609a8312c4ba06aa120ed208cd7876f2 (patch)
tree	976876c3e2ee4a8774f0f6bf44f1f7d67f01e239
parent	d3f47097c1e74d5a6a69b808fcd695994a79ce44 (diff)
download	deluge-26f5be17609a8312c4ba06aa120ed208cd7876f2.tar.gz deluge-26f5be17609a8312c4ba06aa120ed208cd7876f2.tar.bz2 deluge-26f5be17609a8312c4ba06aa120ed208cd7876f2.zip