diff options
author | Calum Lind <calumlind+deluge@gmail.com> | 2014-10-15 18:44:02 +0100 |
---|---|---|
committer | Calum Lind <calumlind+deluge@gmail.com> | 2014-10-15 18:44:11 +0100 |
commit | 26f5be17609a8312c4ba06aa120ed208cd7876f2 (patch) | |
tree | 976876c3e2ee4a8774f0f6bf44f1f7d67f01e239 | |
parent | d3f47097c1e74d5a6a69b808fcd695994a79ce44 (diff) | |
download | deluge-26f5be17609a8312c4ba06aa120ed208cd7876f2.tar.gz deluge-26f5be17609a8312c4ba06aa120ed208cd7876f2.tar.bz2 deluge-26f5be17609a8312c4ba06aa120ed208cd7876f2.zip |
[WebUI] Security update for POODLE vulnerability
WebUI with HTTPS enabled is vulnerable to POODLE (CVE-2014-3566), so switch from
SSLv3 to TLSv1.
-rw-r--r-- | deluge/ui/web/server.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/deluge/ui/web/server.py b/deluge/ui/web/server.py index 07f9222af..ede561f91 100644 --- a/deluge/ui/web/server.py +++ b/deluge/ui/web/server.py @@ -584,7 +584,7 @@ class ServerContextFactory: def getContext(self): """Creates an SSL context.""" - ctx = SSL.Context(SSL.SSLv3_METHOD) + ctx = SSL.Context(SSL.TLSv1_METHOD) deluge_web = component.get("DelugeWeb") log.debug("Enabling SSL using:") log.debug("Pkey: %s", deluge_web.pkey) |