projects
/
prosody.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
ce51427
)
certmanager: Update default cipher string to prefer forward-secrecy over cipher stren...
author
Matthew Wild
<mwild1@gmail.com>
Sun, 10 Nov 2013 18:46:48 +0000
(18:46 +0000)
committer
Matthew Wild
<mwild1@gmail.com>
Sun, 10 Nov 2013 18:46:48 +0000
(18:46 +0000)
core/certmanager.lua
patch
|
blob
|
history
diff --git
a/core/certmanager.lua
b/core/certmanager.lua
index 0503f40e903efe82edf28a386c3e52ac337d92ec..1a8da6a618b91cbaaab8a56a0fcf2ec84c5c7d57 100644
(file)
--- a/
core/certmanager.lua
+++ b/
core/certmanager.lua
@@
-70,7
+70,7
@@
function create_context(host, mode, user_ssl_config)
options = user_ssl_config.options or default_options;
depth = user_ssl_config.depth;
curve = user_ssl_config.curve or "secp384r1";
- ciphers = user_ssl_config.ciphers or "HIGH
:!DSS:!aNULL@STRENGTH
";
+ ciphers = user_ssl_config.ciphers or "HIGH
+kEDH:HIGH+kEECDH:HIGH+kRSA:!DSS:!3DES:!aNULL
";
dhparam = user_ssl_config.dhparam;
};