prosody
f7601ce30cfc
core/certmanager.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Diff

core/certmanager.lua @ 5921:f7601ce30cfc

certmanager: Further cipher string tweaking. Re-enable ciphers required for DSA and ECDH certs/keys.
author Matthew Wild <mwild1@gmail.com>
date Thu, 21 Nov 2013 02:11:09 +0000
parent 5915:e6fed1d80116
child 5922:dd11480ecd47
child 6496:e4b998ffc922
line wrap: on
line diff
--- a/core/certmanager.lua	Tue Nov 12 02:13:01 2013 +0000
+++ b/core/certmanager.lua	Thu Nov 21 02:11:09 2013 +0000
@@ -70,7 +70,7 @@
 		options = user_ssl_config.options or default_options;
 		depth = user_ssl_config.depth;
 		curve = user_ssl_config.curve or "secp384r1";
-		ciphers = user_ssl_config.ciphers or "HIGH+kEDH:HIGH+kEECDH:HIGH+kRSA:!DSS:!3DES:!aNULL";
+		ciphers = user_ssl_config.ciphers or "HIGH+kEDH:HIGH+kEECDH:HIGH:!PSK:!SRP:!3DES:!aNULL";
 		dhparam = user_ssl_config.dhparam;
 	};