From 24413bfa11f1143f5772fa4c95d892b45378ee46 Mon Sep 17 00:00:00 2001
From: Anthony Minessale <anthm@freeswitch.org>
Date: Sat, 16 Aug 2014 00:37:43 +0500
Subject: [PATCH] copy changes from verto ws.c to sofia

---
 libs/sofia-sip/libsofia-sip-ua/tport/ws.c | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/libs/sofia-sip/libsofia-sip-ua/tport/ws.c b/libs/sofia-sip/libsofia-sip-ua/tport/ws.c
index 8a0d3addcc..2153855b08 100644
--- a/libs/sofia-sip/libsofia-sip-ua/tport/ws.c
+++ b/libs/sofia-sip/libsofia-sip-ua/tport/ws.c
@@ -1,11 +1,6 @@
 #include "ws.h"
 #include <pthread.h>
 
-#ifdef _MSC_VER
-/* warning C4706: assignment within conditional expression*/
-#pragma warning(disable: 4706)
-#endif
-
 #ifndef _MSC_VER
 #include <fcntl.h>
 #endif
@@ -97,10 +92,18 @@ void init_ssl(void) {
 
 	OpenSSL_add_all_algorithms();   /* load & register cryptos */
 	SSL_load_error_strings();     /* load all error messages */
-	ws_globals.ssl_method = TLSv1_server_method();   /* create server instance */
+	ws_globals.ssl_method = SSLv23_server_method();   /* create server instance */
 	ws_globals.ssl_ctx = SSL_CTX_new(ws_globals.ssl_method);         /* create context */
 	assert(ws_globals.ssl_ctx);
-	
+
+	/* Disable SSLv2 */
+	SSL_CTX_set_options(globals.ssl_ctx, SSL_OP_NO_SSLv2);
+	/* Disable SSLv3 */
+	SSL_CTX_set_options(globals.ssl_ctx, SSL_OP_NO_SSLv3);
+	/* Disable TLSv1 */
+	SSL_CTX_set_options(globals.ssl_ctx, SSL_OP_NO_TLSv1);
+	/* Disable Compression CRIME (Compression Ratio Info-leak Made Easy) */
+	SSL_CTX_set_options(globals.ssl_ctx, SSL_OP_NO_COMPRESSION);
 	/* set the local certificate from CertFile */
 	SSL_CTX_use_certificate_file(ws_globals.ssl_ctx, ws_globals.cert, SSL_FILETYPE_PEM);
 	/* set the private key from KeyFile */