From 084df7e99a8738be79f83e330415a8963280dc4a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stefan=20B=C3=BChler?= Date: Thu, 16 Oct 2014 17:52:14 +0000 Subject: [PATCH 09/29] [ssl] disable SSL3.0 by default MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit From: Stefan Bühler git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2969 152afb58-edef-0310-8abb-c4023f1b3aa9 --- NEWS | 1 + src/configfile.c | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/NEWS b/NEWS index 7260fc5..a702941 100644 --- a/NEWS +++ b/NEWS @@ -10,6 +10,7 @@ NEWS * add support for (Free)BSD extended attributes * [build] use fortify flags with "extra-warnings" * [mod_dirlisting,mod_redirect,mod_rewrite] abort config parsing if pcre-compile fails or isn't available + * [ssl] disable SSL3.0 by default - 1.4.35 - 2014-03-12 * [network/ssl] fix build error if TLSEXT is disabled diff --git a/src/configfile.c b/src/configfile.c index 1e96ce0..bf9a34d 100644 --- a/src/configfile.c +++ b/src/configfile.c @@ -182,7 +182,7 @@ static int config_insert(server *srv) { s->ssl_honor_cipher_order = 1; s->ssl_empty_fragments = 0; s->ssl_use_sslv2 = 0; - s->ssl_use_sslv3 = 1; + s->ssl_use_sslv3 = 0; s->use_ipv6 = 0; s->set_v6only = 1; s->defer_accept = 0; -- 2.4.5