]> git.ipfire.org Git - ipfire-2.x.git/blob - src/patches/openssl-1.0.1m-weak-ciphers.patch
projects / ipfire-2.x.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge remote-tracking branch 'amarx/BUG10797' into next
[ipfire-2.x.git] / src / patches / openssl-1.0.1m-weak-ciphers.patch
1 --- openssl-1.0.1m/ssl/ssl.h.old 2015-03-19 15:25:20.646533583 +0100
2 +++ openssl-1.0.1m/ssl/ssl.h 2015-03-19 15:25:31.229875691 +0100
3 @@ -334,7 +334,7 @@
4 * The following cipher list is used by default. It also is substituted when
5 * an application-defined cipher list string starts with 'DEFAULT'.
6 */
7 -# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!aNULL:!eNULL:!SSLv2"
8 +# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!aNULL:!eNULL:!SSLv2:!RC2:!DES"
9 /*
10 * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
11 * starts with a reasonable order, and all we have to do for DEFAULT is
IPFire 2.x development tree