Mercurial Mercurial > prosody > prosody / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
certmanager: Disable SSLv3 by default
authorKim Alvefur <zash@zash.se>
Thu, 31 Oct 2013 19:00:36 +0100
changeset 5895 1b0ac7950129
parent 5864 22b1d18eb919
child 5896 019130907a07
child 5901 1d13f73af58e
certmanager: Disable SSLv3 by default
core/certmanager.lua file | annotate | diff | comparison | revisions 
--- a/core/certmanager.lua	Thu Oct 10 17:18:16 2013 -0400
+++ b/core/certmanager.lua	Thu Oct 31 19:00:36 2013 +0100
@@ -33,7 +33,7 @@
 local default_ssl_config = configmanager.get("*", "ssl");
 local default_capath = "/etc/ssl/certs";
 local default_verify = (ssl and ssl.x509 and { "peer", "client_once", }) or "none";
-local default_options = { "no_sslv2", luasec_has_noticket and "no_ticket" or nil };
+local default_options = { "no_sslv2", "no_sslv3", luasec_has_noticket and "no_ticket" or nil };
 local default_verifyext = { "lsec_continue", "lsec_ignore_purpose" };
 
 if ssl and not luasec_has_verifyext and ssl.x509 then
prosody