github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 13:26:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Set the minimum security protocol version for SecRemoteRules

Browse Source
This commit is contained in:
Ervin Hegedus 2024-01-27 17:27:00 +01:00
parent 7aae94b286
commit ec8e800a6a
No known key found for this signature in database
GPG Key ID: 5FA5BC3F5EC41F61
2 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGES
View File

@ -1,6 +1,8 @@
v3.x.y - YYYY-MMM-DD (to be released)
-------------------------------------
- Set the minimum security protocol version for SecRemoteRules
[Issue security/code-scanning/2 - @airween]
v3.0.11 - 2023-Dec-06
---------------------

4
src/utils/https_client.cc
View File

@ -87,8 +87,8 @@ bool HttpsClient::download(const std::string &uri) {
headers_chunk = curl_slist_append(headers_chunk, m_key.c_str());
}
/* Make it TLS 1.x only. */
curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
/* Make it TLS 1.2 at least. */
curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
/* those are the default options, but lets make sure */
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1);