HomePhabricator
Diffusion Bitcoin ABC 683dc4009b2b

Disable SSLv3 (in favor of TLS) for the RPC client and server.
683dc4009b2bUnpublished
Actions

Unpublished Commit ยท Learn More

Repository Importing: This repository is still importing.

Description

Disable SSLv3 (in favor of TLS) for the RPC client and server.

TLS is subject to downgrade attacks when SSLv3 is available, and
SSLv3 has vulnerabilities.

The popular solution is to disable SSLv3. On the web this breaks
some tiny number of very old clients. While Bitcoin RPC shouldn't
be exposed to the open Internet, it also shouldn't be exposed to
really old SSL implementations, so it shouldn't be a major issue
for us to disable SSLv3.

There is more information on the downgrade attacks and disabling
SSLv3 at https://disablessl3.com/ .

Details

Provenance
Gregory Maxwell <greg@xiph.org>Authored on Dec 6 2014, 15:08
deadalnixPushed on May 14 2017, 22:04
Parents
rABC4383319e4e0c: Merge pull request #5432
Branches
Unknown
Tags
Unknown

Event Timeline

Gregory Maxwell <greg@xiph.org> committed rABC683dc4009b2b: Disable SSLv3 (in favor of TLS) for the RPC client and server. (authored by Gregory Maxwell <greg@xiph.org>).Dec 6 2014, 15:08

Changes (2)

PathSize
src/

rABC683dc4009b2b

View Options

src/bitcoin-cli.cpp

Loading...
View Options

src/rpcserver.cpp

Loading...