Created
September 30, 2015 11:12
-
-
Save rnewson/2cf128d76fedd6f1afad to your computer and use it in GitHub Desktop.
Making SHA-2 ssl replication work in R14B01
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/src/couch_replicator_httpc.erl b/src/couch_replicator_httpc.erl | |
| index 4b609a6..e4efb39 100644 | |
| --- a/src/couch_replicator_httpc.erl | |
| +++ b/src/couch_replicator_httpc.erl | |
| @@ -94,6 +94,7 @@ send_ibrowse_req(#httpdb{headers = BaseHeaders} = HttpDb, Params) -> | |
| end, | |
| {ok, Worker} = couch_replicator_httpc_pool:get_worker(HttpDb#httpdb.httpc_pool), | |
| IbrowseOptions = [ | |
| + {socket_options, [{ssl_imp, old}]}, | |
| {response_format, binary}, {inactivity_timeout, HttpDb#httpdb.timeout} | | |
| lists:ukeymerge(1, get_value(ibrowse_options, Params, []), | |
| HttpDb#httpdb.ibrowse_options) | |
| diff --git a/src/couch_replicator_utils.erl b/src/couch_replicator_utils.erl | |
| index a81750f..8988e48 100644 | |
| --- a/src/couch_replicator_utils.erl | |
| +++ b/src/couch_replicator_utils.erl | |
| @@ -342,7 +342,7 @@ ssl_verify_options(true, OTPVersion) when OTPVersion >= "R14" -> | |
| CAFile = config:get("replicator", "ssl_trusted_certificates_file"), | |
| [{verify, verify_peer}, {cacertfile, CAFile}]; | |
| ssl_verify_options(false, OTPVersion) when OTPVersion >= "R14" -> | |
| - [{verify, verify_none}]; | |
| + [{verify, 0}]; | |
| ssl_verify_options(true, _OTPVersion) -> | |
| CAFile = config:get("replicator", "ssl_trusted_certificates_file"), | |
| [{verify, 2}, {cacertfile, CAFile}]; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment