Software / code / prosody
Diff
core/hostmanager.lua @ 2321:7e7484a4e821
Disable SSLv2 by default, it's known to be insecure.
| author | Paul Aurich <paul@darkrain42.org> |
|---|---|
| date | Fri, 04 Dec 2009 09:48:08 -0800 |
| parent | 1980:8fceabd84d74 |
| child | 2420:6ccd36a95a81 |
| child | 2877:1edeb8fe7d14 |
line wrap: on
line diff
--- a/core/hostmanager.lua Fri Dec 04 14:41:53 2009 +0000 +++ b/core/hostmanager.lua Fri Dec 04 09:48:08 2009 -0800 @@ -20,8 +20,8 @@ local incoming_s2s = _G.prosody.incoming_s2s; -- These are the defaults if not overridden in the config -local default_ssl_ctx = { mode = "client", protocol = "sslv23", capath = "/etc/ssl/certs", verify = "none"; }; -local default_ssl_ctx_in = { mode = "server", protocol = "sslv23", capath = "/etc/ssl/certs", verify = "none"; }; +local default_ssl_ctx = { mode = "client", protocol = "sslv23", capath = "/etc/ssl/certs", verify = "none", options = "no_sslv2"; }; +local default_ssl_ctx_in = { mode = "server", protocol = "sslv23", capath = "/etc/ssl/certs", verify = "none", options = "no_sslv2"; }; local log = require "util.logger".init("hostmanager");
