From 5fe6f8338d908f3d9be07a7da2535b85b43f52bf Mon Sep 17 00:00:00 2001
From: Peter Thorson
Date: Tue, 4 Nov 2014 12:26:07 -0500
Subject: [PATCH] Disable SSLv3 in example servers
---
 changelog.md | 3 +++
 examples/debug_client/debug_client.cpp | 1 +
 examples/echo_server_both/echo_server_both.cpp | 1 +
 examples/echo_server_tls/echo_server_tls.cpp | 1 +
 4 files changed, 6 insertions(+)
diff --git a/changelog.md b/changelog.md
index 4ab7680..5d33fab 100644
--- a/changelog.md
+++ b/changelog.md
@@ -1,3 +1,6 @@
+HEAD
+- Security: Disabled SSLv3 in example servers.
+
 0.4.0 - 2014-11-04
 - BREAKING API CHANGE: All WebSocket++ methods now throw an exception of type `websocketpp::exception` which derives from `std::exception`. This normalizes
diff --git a/examples/debug_client/debug_client.cpp b/examples/debug_client/debug_client.cpp
index d8d84b1..c043866 100644
--- a/examples/debug_client/debug_client.cpp
+++ b/examples/debug_client/debug_client.cpp
@@ -97,6 +97,7 @@ public:
 try {
 ctx->set_options(boost::asio::ssl::context::default_workarounds |
 boost::asio::ssl::context::no_sslv2 |
+ boost::asio::ssl::context::no_sslv3 |
 boost::asio::ssl::context::single_dh_use);
 } catch (std::exception& e) {
 std::cout << e.what() << std::endl;
diff --git a/examples/echo_server_both/echo_server_both.cpp b/examples/echo_server_both/echo_server_both.cpp
index ee78567..b277d5c 100644
--- a/examples/echo_server_both/echo_server_both.cpp
+++ b/examples/echo_server_both/echo_server_both.cpp
@@ -46,6 +46,7 @@ context_ptr on_tls_init(websocketpp::connection_hdl hdl) {
 try {
 ctx->set_options(boost::asio::ssl::context::default_workarounds |
 boost::asio::ssl::context::no_sslv2 |
+ boost::asio::ssl::context::no_sslv3 |
 boost::asio::ssl::context::single_dh_use);
 ctx->set_password_callback(bind(&get_password));
 ctx->use_certificate_chain_file("server.pem");
diff --git a/examples/echo_server_tls/echo_server_tls.cpp b/examples/echo_server_tls/echo_server_tls.cpp
index 6523a77..8408ebc 100644
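Review bot: In the debug_client.cpp hunk, the `catch (std::exception& e)` right after `set_options` only prints `e.what()`, so a failure to apply the options looks like it is logged and then ignored. The rest of the handler is outside the hunk, so this is inferred, but if execution continues the client would connect with the context's default protocol set and the new `no_sslv3` flag would have no effect. A hardening step like this should fail closed: keep the log line and follow it with `throw;` (or otherwise abort the connection attempt) instead of falling through.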
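Review bot: The option list passed to `set_options` in `on_tls_init` (echo_server_both.cpp) is a deny-list, so after this change every protocol version not named in it is still negotiable, including TLS 1.0. Because these examples tend to be copied into real servers, consider also OR-ing in `boost::asio::ssl::context::no_tlsv1` (and `no_tlsv1_1` where the Boost version in use provides it). At a minimum, add a comment above the flags such as `// Protocol floor: SSLv2 and SSLv3 are disabled; raise this if your clients support newer TLS`. The same list appears in the debug_client.cpp hunk above and the echo_server_tls.cpp hunk below. The `try` block continues past the end of the hunk, so how a failure of `set_options` is handled here is not visible.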
--- a/examples/echo_server_tls/echo_server_tls.cpp
+++ b/examples/echo_server_tls/echo_server_tls.cpp
@@ -38,6 +38,7 @@ context_ptr on_tls_init(websocketpp::connection_hdl hdl) {
 try {
 ctx->set_options(boost::asio::ssl::context::default_workarounds |
 boost::asio::ssl::context::no_sslv2 |
+ boost::asio::ssl::context::no_sslv3 |
 boost::asio::ssl::context::single_dh_use);
 ctx->set_password_callback(bind(&get_password));
 ctx->use_certificate_chain_file("server.pem");