mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-26 19:00:34 +02:00
d25d7bfccf
see https://www.openssl.org/news/secadv/20160503.txt for details Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
13 lines
681 B
Diff
13 lines
681 B
Diff
diff -Naur openssl-1.0.2h.org/ssl/ssl.h openssl-1.0.2h/ssl/ssl.h
|
|
--- openssl-1.0.2h.org/ssl/ssl.h 2016-05-03 15:44:42.000000000 +0200
|
|
+++ openssl-1.0.2h/ssl/ssl.h 2016-05-03 18:49:10.393302264 +0200
|
|
@@ -338,7 +338,7 @@
|
|
* The following cipher list is used by default. It also is substituted when
|
|
* an application-defined cipher list string starts with 'DEFAULT'.
|
|
*/
|
|
-# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2"
|
|
+# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2:!RC2:!DES"
|
|
/*
|
|
* As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
|
|
* starts with a reasonable order, and all we have to do for DEFAULT is
|