aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src
diff options
context:
space:
mode:
authorIngela Anderton Andin <[email protected]>2018-02-23 16:12:37 +0100
committerIngela Anderton Andin <[email protected]>2018-03-08 09:36:23 +0100
commit0ff4a42e31e4ef8d190e3be866315a774b590745 (patch)
treeec469f11370fca530b375e2fde6887c0ff8aa77f /lib/ssl/src
parent5faf147cfe27da707059c61ae1e284c10987565a (diff)
downloadotp-0ff4a42e31e4ef8d190e3be866315a774b590745.tar.gz
otp-0ff4a42e31e4ef8d190e3be866315a774b590745.tar.bz2
otp-0ff4a42e31e4ef8d190e3be866315a774b590745.zip
ssl: Increase security with safer default
The interoperability option to fallback to insecure renegotiation now has to be explicitly turned on.
Diffstat (limited to 'lib/ssl/src')
-rw-r--r--lib/ssl/src/ssl.erl2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl
index 0b035d31be..82f62b51b9 100644
--- a/lib/ssl/src/ssl.erl
+++ b/lib/ssl/src/ssl.erl
@@ -843,7 +843,7 @@ handle_options(Opts0, Role, Host) ->
%% Server side option
reuse_session = handle_option(reuse_session, Opts, ReuseSessionFun),
reuse_sessions = handle_option(reuse_sessions, Opts, true),
- secure_renegotiate = handle_option(secure_renegotiate, Opts, false),
+ secure_renegotiate = handle_option(secure_renegotiate, Opts, true),
client_renegotiation = handle_option(client_renegotiation, Opts,
default_option_role(server, true, Role),
server, Role),