]> git.ipfire.org Git - people/pmueller/ipfire-2.x.git/blob - src/patches/openssl-1.0.2h-weak-ciphers.patch
projects / people / pmueller / ipfire-2.x.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
squid 3.5.28: latest patches (01-02)
[people/pmueller/ipfire-2.x.git] / src / patches / openssl-1.0.2h-weak-ciphers.patch
1 diff -Naur openssl-1.0.2h.org/ssl/ssl.h openssl-1.0.2h/ssl/ssl.h
2 --- openssl-1.0.2h.org/ssl/ssl.h 2016-05-03 15:44:42.000000000 +0200
3 +++ openssl-1.0.2h/ssl/ssl.h 2016-05-03 18:49:10.393302264 +0200
4 @@ -338,7 +338,7 @@
5 * The following cipher list is used by default. It also is substituted when
6 * an application-defined cipher list string starts with 'DEFAULT'.
7 */
8 -# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2"
9 +# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2:!RC2:!DES"
10 /*
11 * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
12 * starts with a reasonable order, and all we have to do for DEFAULT is
Peter's tree of IPFire 2.x