certmanager: Set our own default cipher string, which includes only ciphers regarded as 'HIGH' strength (by OpenSSL). In particular this disables RC4.
author Matthew Wild <mwild1@gmail.com>
Sat, 13 Jul 2013 13:15:24 +0100
changeset 5745 a1b0cfebeeba
parent 5736 72a1f769c36f
child 5746 3137751751b4
child 5750 fbff8ecb6662
core/certmanager.lua
--- a/core/certmanager.lua	Thu Jul 11 15:08:47 2013 +0100
+++ b/core/certmanager.lua	Sat Jul 13 13:15:24 2013 +0100
@@ -68,6 +68,7 @@
 		options = user_ssl_config.options or default_options;
 		depth = user_ssl_config.depth;
 		curve = user_ssl_config.curve or "secp384r1";
+		ciphers = user_ssl_config.ciphers or "HIGH:!DSS:!aNULL@STRENGTH";
 		dhparam = user_ssl_config.dhparam;
 	};
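Review bot: The added `ciphers` line embeds its default as an inline string literal, whereas `options` a few lines above falls back to a named `default_options`; consider hoisting the string into a named default (for example `default_ciphers`) with a comment explaining each term. The string also excludes DSS and anonymous (`aNULL`) suites, which the commit message does not mention, so that is worth recording next to the definition. Because `user_ssl_config.ciphers or ...` lets a user-supplied value replace the default entirely, the documentation for this option should state that overriding it can re-enable RC4.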