prosody
7e7484a4e821
prosody
Software / code / prosody
Comparison
prosody @ 2321:7e7484a4e821
Disable SSLv2 by default, it's known to be insecure.
| author | Paul Aurich <paul@darkrain42.org> |
|---|---|
| date | Fri, 04 Dec 2009 09:48:08 -0800 |
| parent | 2154:b8635ebd7f57 |
| child | 2322:548a4fc54a74 |
| child | 2769:826f6fb7036d |
comparison
equal
deleted
inserted
replaced
| 2320:2ca7445b882a | 2321:7e7484a4e821 |
|---|---|
| 175 end | 175 end |
| 176 | 176 |
| 177 -- Load SSL settings from config, and create a ctx table | 177 -- Load SSL settings from config, and create a ctx table |
| 178 local global_ssl_ctx = rawget(_G, "ssl") and config.get("*", "core", "ssl"); | 178 local global_ssl_ctx = rawget(_G, "ssl") and config.get("*", "core", "ssl"); |
| 179 if global_ssl_ctx then | 179 if global_ssl_ctx then |
| 180 local default_ssl_ctx = { mode = "server", protocol = "sslv23", capath = "/etc/ssl/certs", verify = "none"; }; | 180 local default_ssl_ctx = { mode = "server", protocol = "sslv23", capath = "/etc/ssl/certs", verify = "none", options = "no_sslv2"; }; |
| 181 setmetatable(global_ssl_ctx, { __index = default_ssl_ctx }); | 181 setmetatable(global_ssl_ctx, { __index = default_ssl_ctx }); |
| 182 end | 182 end |
| 183 | 183 |
| 184 local cl = require "net.connlisteners"; | 184 local cl = require "net.connlisteners"; |
| 185 function prosody.net_activate_ports(option, listener, default, conntype) | 185 function prosody.net_activate_ports(option, listener, default, conntype) |
