From 5d3cad37a80c6d730e2e5e3b6091cbb69ce199ec Mon Sep 17 00:00:00 2001
From: Alexey Shchepin <alexey@process-one.net>
Date: Tue, 26 Nov 2013 14:52:17 +0200
Subject: [PATCH] Disable SSLv3

---
 c_src/p1_tls_drv.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/c_src/p1_tls_drv.c b/c_src/p1_tls_drv.c
index b8779d5..715f781 100644
--- a/c_src/p1_tls_drv.c
+++ b/c_src/p1_tls_drv.c
@@ -490,11 +490,16 @@ static ErlDrvSSizeT tls_drv_control(ErlDrvData handle,
 	 SSL_set_bio(d->ssl, d->bio_read, d->bio_write);
 
 	 if (command == SET_CERTIFICATE_FILE_ACCEPT) {
-	    SSL_set_options(d->ssl, SSL_OP_NO_SSLv2|SSL_OP_NO_TICKET|SSL_OP_ALL);
+	    SSL_set_options(
+	       d->ssl,
+	       SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 |
+	       SSL_OP_NO_TICKET | SSL_OP_ALL);
 
 	    SSL_set_accept_state(d->ssl);
 	 } else {
-	    SSL_set_options(d->ssl, SSL_OP_NO_SSLv2|SSL_OP_NO_TICKET);
+	    SSL_set_options(
+	       d->ssl,
+	       SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TICKET);
 	    SSL_set_connect_state(d->ssl);
 	 }
 	 break;