merge revision(s) 45274,45278,45280,48097: [Backport #9424]

	* lib/openssl/ssl.rb: Explicitly whitelist the default
	  SSL/TLS ciphers. Forbid SSLv2 and SSLv3, disable
	  compression by default.
	  Reported by Jeff Hodges.
	  [ruby-core:59829] [Bug #9424]

	* test/openssl/test_ssl.rb: Reuse TLS default options from
	  OpenSSL::SSL::SSLContext::DEFAULT_PARAMS.

	* ext/openssl/lib/openssl/ssl.rb (DEFAULT_PARAMS): override
	  options even if OpenSSL::SSL::OP_NO_SSLv3 is not defined.
	  this is pointed out by Stephen Touset. [ruby-core:65711] [Bug #9424]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@48110 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

1 files changed, 19 insertions, 0 deletions

diff --git a/ChangeLog b/ChangeLog
index 590125e2c5..4d9fd00bf8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,22 @@
+Thu Oct 23 18:56:55 2014  CHIKANAGA Tomoyuki  <nagachika@ruby-lang.org>
+
+	* ext/openssl/lib/openssl/ssl.rb (DEFAULT_PARAMS): override
+	  options even if OpenSSL::SSL::OP_NO_SSLv3 is not defined.
+	  this is pointed out by Stephen Touset. [ruby-core:65711] [Bug #9424]
+
+Thu Oct 23 18:56:55 2014  Martin Bosslet  <Martin.Bosslet@gmail.com>
+
+	* test/openssl/test_ssl.rb: Reuse TLS default options from
+	  OpenSSL::SSL::SSLContext::DEFAULT_PARAMS.
+
+Thu Oct 23 18:56:55 2014  Martin Bosslet  <Martin.Bosslet@gmail.com>
+
+	* lib/openssl/ssl.rb: Explicitly whitelist the default
+	  SSL/TLS ciphers. Forbid SSLv2 and SSLv3, disable
+	  compression by default.
+	  Reported by Jeff Hodges.
+	  [ruby-core:59829] [Bug #9424]
+
 Mon Oct 20 14:41:45 2014  Kazuki Tsujimoto  <kazuki@callcc.net>
 
 	* vm_core.h, vm.c, proc.c: fix GC mark miss on bindings.