Commit d4e4eaec authored by Aaron Zauner's avatar Aaron Zauner
Browse files

Disable insecure SSL protocols 

SSLv2 and v3 have serious protocol flaws. They should be disabled by default. This is also what most distributions do and is recommended by the OpenSSL wiki: http://wiki.openssl.org/index.php/Compilation_and_Installation
parent fdd216ab

bin/ruby-build

+1 −1
Original line number Diff line number Diff line
@@ -802,7 +802,7 @@ build_package_mac_openssl() { 
  OPENSSL_CONFIGURE="${OPENSSL_CONFIGURE:-./config}"



  # Compile a shared lib with zlib dynamically linked, no kerberos.

  package_option openssl configure --openssldir="$OPENSSLDIR" zlib-dynamic no-krb5 shared

  package_option openssl configure --openssldir="$OPENSSLDIR" zlib-dynamic no-ssl2 no-ssl3 no-krb5 shared



  # Default MAKE_OPTS are -j 2 which can confuse the build. Thankfully, make

  # gives precedence to the last -j option, so we can override that.