prosody
f7601ce30cfc

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Changeset

5921:f7601ce30cfc

certmanager: Further cipher string tweaking. Re-enable ciphers required for DSA and ECDH certs/keys.
author Matthew Wild <mwild1@gmail.com>
date Thu, 21 Nov 2013 02:11:09 +0000
parents 5915:e6fed1d80116
children 5922:dd11480ecd47 5924:f44c1dabd4e9
files core/certmanager.lua
diffstat 1 files changed, 1 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/core/certmanager.lua	Tue Nov 12 02:13:01 2013 +0000
+++ b/core/certmanager.lua	Thu Nov 21 02:11:09 2013 +0000
@@ -70,7 +70,7 @@
 		options = user_ssl_config.options or default_options;
 		depth = user_ssl_config.depth;
 		curve = user_ssl_config.curve or "secp384r1";
-		ciphers = user_ssl_config.ciphers or "HIGH+kEDH:HIGH+kEECDH:HIGH+kRSA:!DSS:!3DES:!aNULL";
+		ciphers = user_ssl_config.ciphers or "HIGH+kEDH:HIGH+kEECDH:HIGH:!PSK:!SRP:!3DES:!aNULL";
 		dhparam = user_ssl_config.dhparam;
 	};