use only strong ciphers by default

commit: 3bed0daced69a8ac0836041eee7e0b4bea58309e [log] [tgz]
author: Igor Sysoev <igor@sysoev.ru> Wed Oct 07 14:46:13 2009 +0000
committer: Igor Sysoev <igor@sysoev.ru> Wed Oct 07 14:46:13 2009 +0000
tree: 130d02110cba8b2d60266253a749267084309a24
parent: 136dd8d1e692de0f5b96c6f1da51188737d630b0 [diff]
diff --git a/src/http/modules/ngx_http_ssl_module.c b/src/http/modules/ngx_http_ssl_module.c
index 1d67eeb..94000fc 100644
--- a/src/http/modules/ngx_http_ssl_module.c
+++ b/src/http/modules/ngx_http_ssl_module.c

@@ -13,7 +13,7 @@
     ngx_pool_t *pool, ngx_str_t *s);
 
 
-#define NGX_DEFAULT_CIPHERS  "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM"
+#define NGX_DEFAULT_CIPHERS  "HIGH:!ADH:!MD5"
 
 
 static ngx_int_t ngx_http_ssl_static_variable(ngx_http_request_t *r,

diff --git a/src/mail/ngx_mail_ssl_module.c b/src/mail/ngx_mail_ssl_module.c
index c9a9f35..90f2b1b 100644
--- a/src/mail/ngx_mail_ssl_module.c
+++ b/src/mail/ngx_mail_ssl_module.c

@@ -9,7 +9,7 @@
 #include <ngx_mail.h>
 
 
-#define NGX_DEFAULT_CIPHERS  "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM"
+#define NGX_DEFAULT_CIPHERS  "HIGH:!ADH:!MD5"
 
 
 static void *ngx_mail_ssl_create_conf(ngx_conf_t *cf);
commit	3bed0daced69a8ac0836041eee7e0b4bea58309e	[log] [tgz]
author	Igor Sysoev <igor@sysoev.ru>	Wed Oct 07 14:46:13 2009 +0000
committer	Igor Sysoev <igor@sysoev.ru>	Wed Oct 07 14:46:13 2009 +0000
tree	130d02110cba8b2d60266253a749267084309a24
parent	136dd8d1e692de0f5b96c6f1da51188737d630b0 [diff]