diff options
| author | Alexandru Scvortov <alexandru@rabbitmq.com> | 2010-09-07 00:05:48 +0100 |
|---|---|---|
| committer | Alexandru Scvortov <alexandru@rabbitmq.com> | 2010-09-07 00:05:48 +0100 |
| commit | 50ac875057e3e1cb0b5e39f587f9aa0afc105fe1 (patch) | |
| tree | b86aa0a6011c1c914668622820e926eed036fea9 /src | |
| parent | db8aed87875ddd5140a7d7a8f923c01a078b824b (diff) | |
| download | rabbitmq-server-git-50ac875057e3e1cb0b5e39f587f9aa0afc105fe1.tar.gz | |
unbreak ssl
So, it turns out they got RC4 wrong. This affects the Java client,
because RC4 is its default. It doesn't normally affect the Mono
client because it defaults to AES.
Masked the RC4 cipher suites. When they fix, we should unmask them.
Diffstat (limited to 'src')
| -rw-r--r-- | src/rabbit_networking.erl | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/src/rabbit_networking.erl b/src/rabbit_networking.erl index 08272afed4..8151fd980e 100644 --- a/src/rabbit_networking.erl +++ b/src/rabbit_networking.erl @@ -116,7 +116,12 @@ boot_ssl() -> end} | SslOptsConfig] end, - [start_ssl_listener(Host, Port, SslOpts) || {Host, Port} <- SslListeners], + % In R13B04 and R14A (at least), rc4 is incorrectly implemented. + CSs = lists:filter(fun ({_, rc4_128, _}) -> false; + (_) -> true + end, ssl:cipher_suites()), + SslOpts1 = [{ciphers, CSs} | SslOpts], + [start_ssl_listener(Host, Port, SslOpts1) || {Host, Port} <- SslListeners], ok end. |