diff options
| author | bmeeks8 <bmeeks8@bellsouth.net> | 2015-07-03 14:47:01 -0400 |
|---|---|---|
| committer | bmeeks8 <bmeeks8@bellsouth.net> | 2015-07-03 14:47:01 -0400 |
| commit | 22fe600ac74fd8cf0d9c802f52ea11e536116125 (patch) | |
| tree | 0ca14002d41b7bff86d55e3e1b09676fc26319f1 | |
| parent | 89fb04559a6e9bf1f5806bdbf3a351fe725485e9 (diff) | |
| download | pfsense-packages-22fe600ac74fd8cf0d9c802f52ea11e536116125.tar.gz pfsense-packages-22fe600ac74fd8cf0d9c802f52ea11e536116125.tar.bz2 pfsense-packages-22fe600ac74fd8cf0d9c802f52ea11e536116125.zip | |
Use more secure CURL options for rules tarball downloads.
| -rwxr-xr-x | config/snort/snort_check_for_rule_updates.php | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php index 842e39d5..19930f27 100755 --- a/config/snort/snort_check_for_rule_updates.php +++ b/config/snort/snort_check_for_rule_updates.php @@ -203,9 +203,11 @@ function snort_download_file_url($url, $file_out) { } curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); - curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Win64; x64; Trident/6.0)"); - curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30); + curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 Chrome/43.0.2357.65 Safari/537.36"); + curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, "TLSv1.2, TLSv1"); + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true); + curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, true); + curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 15); curl_setopt($ch, CURLOPT_TIMEOUT, 0); // Use the system proxy server setttings if configured |