diff options
| author | stbuehler <stbuehler@152afb58-edef-0310-8abb-c4023f1b3aa9> | 2010-02-28 11:49:22 +0000 |
|---|---|---|
| committer | stbuehler <stbuehler@152afb58-edef-0310-8abb-c4023f1b3aa9> | 2010-02-28 11:49:22 +0000 |
| commit | 6e549649832476f1fe1fb1f9843e2504e5b3b35a (patch) | |
| tree | cc195be7f048b0017864952f49fe50f3f79b73e9 | |
| parent | b83fe93bf42455eebdebfda25a5d288274e4f568 (diff) | |
| download | lighttpd-6e549649832476f1fe1fb1f9843e2504e5b3b35a.tar.gz | |
Fix handling return value of SSL_CTX_set_options (fixes #2157, thx mlcreech)
git-svn-id: svn://svn.lighttpd.net/lighttpd/trunk@2717 152afb58-edef-0310-8abb-c4023f1b3aa9
| -rw-r--r-- | NEWS | 1 | ||||
| -rw-r--r-- | src/network.c | 2 |
2 files changed, 2 insertions, 1 deletions
@@ -160,6 +160,7 @@ NEWS * Require at least glib 2.10.0 for g_atomic_int_set (fixes #2127) * Fix select() backend under high load (off-by-one, noticed by Manuel Scharf in a forum thread) * Append to previous buffer in con read (fixes #2147, found by liming, CVE-2010-0295) + * Fix handling return value of SSL_CTX_set_options (fixes #2157, thx mlcreech) - 1.5.0-r19.. - * -F option added for spawn-fcgi diff --git a/src/network.c b/src/network.c index b33138d0..988dc940 100644 --- a/src/network.c +++ b/src/network.c @@ -653,7 +653,7 @@ int network_init(server *srv) { if (!s->ssl_use_sslv2) { /* disable SSLv2 */ - if (SSL_OP_NO_SSLv2 != SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv2)) { + if (!(SSL_OP_NO_SSLv2 & SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv2))) { log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:", ERR_error_string(ERR_get_error(), NULL)); return -1; |