Mercurial > hg > orthanc

comparison Core/HttpServer/MongooseServer.cpp @ 748:de9763f63510

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
upgrade to openssl-1.0.1g because of heartbeat exploit
author Sebastien Jodogne <s.jodogne@gmail.com>
date Wed, 09 Apr 2014 09:31:38 +0200
parents 2d0a347e8cfc
children b8c49473be38
comparison
equal deleted inserted replaced
747:44382c8bcd15 748:de9763f63510
47 #include "../OrthancException.h" 47 #include "../OrthancException.h"
48 #include "../ChunkedBuffer.h" 48 #include "../ChunkedBuffer.h"
49 #include "HttpOutput.h" 49 #include "HttpOutput.h"
50 #include "mongoose.h" 50 #include "mongoose.h"
51 51
52 #if ORTHANC_SSL_ENABLED == 1
53 #include <openssl/opensslv.h>
54 #endif
52 55
53 #define ORTHANC_REALM "Orthanc Secure Area" 56 #define ORTHANC_REALM "Orthanc Secure Area"
54 57
55 static const long LOCALHOST = (127ll << 24) + 1ll; 58 static const long LOCALHOST = (127ll << 24) + 1ll;
56 59
749 remoteAllowed_ = false; 752 remoteAllowed_ = false;
750 authentication_ = false; 753 authentication_ = false;
751 ssl_ = false; 754 ssl_ = false;
752 port_ = 8000; 755 port_ = 8000;
753 filter_ = NULL; 756 filter_ = NULL;
757
758 #if ORTHANC_SSL_ENABLED == 1
759 // Check for the Heartbeat exploit
760 // https://en.wikipedia.org/wiki/OpenSSL#Heartbleed_bug
761 if (OPENSSL_VERSION_NUMBER < 0x1000107fL /* openssl-1.0.1g */ &&
762 OPENSSL_VERSION_NUMBER >= 0x1000100fL /* openssl-1.0.1 */)
763 {
764 LOG(WARNING) << "This version of OpenSSL can be affected by the Heartbeat exploit";
765 }
766 #endif
754 } 767 }
755 768
756 769
757 MongooseServer::~MongooseServer() 770 MongooseServer::~MongooseServer()
758 { 771 {