blob: 6980a1949763d1b471001c0a3a69c52b67a236e4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
From 084df7e99a8738be79f83e330415a8963280dc4a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Stefan=20B=C3=BChler?= <stbuehler@web.de>
Date: Thu, 16 Oct 2014 17:52:14 +0000
Subject: [PATCH 09/29] [ssl] disable SSL3.0 by default
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
From: Stefan Bühler <stbuehler@web.de>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2969 152afb58-edef-0310-8abb-c4023f1b3aa9
---
NEWS | 1 +
src/configfile.c | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/NEWS b/NEWS
index 7260fc5..a702941 100644
--- a/NEWS
+++ b/NEWS
@@ -10,6 +10,7 @@ NEWS
* add support for (Free)BSD extended attributes
* [build] use fortify flags with "extra-warnings"
* [mod_dirlisting,mod_redirect,mod_rewrite] abort config parsing if pcre-compile fails or isn't available
+ * [ssl] disable SSL3.0 by default
- 1.4.35 - 2014-03-12
* [network/ssl] fix build error if TLSEXT is disabled
diff --git a/src/configfile.c b/src/configfile.c
index 1e96ce0..bf9a34d 100644
--- a/src/configfile.c
+++ b/src/configfile.c
@@ -182,7 +182,7 @@ static int config_insert(server *srv) {
s->ssl_honor_cipher_order = 1;
s->ssl_empty_fragments = 0;
s->ssl_use_sslv2 = 0;
- s->ssl_use_sslv3 = 1;
+ s->ssl_use_sslv3 = 0;
s->use_ipv6 = 0;
s->set_v6only = 1;
s->defer_accept = 0;
--
2.4.5
|
