Google Git
Sign in
nginx/nginx/3bed0daced69a8ac0836041eee7e0b4bea58309e^!/./src
commit
3bed0daced69a8ac0836041eee7e0b4bea58309e
[log] [tgz]
author
Igor Sysoev <igor@sysoev.ru>
Wed Oct 07 14:46:13 2009 +0000
committer
Igor Sysoev <igor@sysoev.ru>
Wed Oct 07 14:46:13 2009 +0000
tree
130d02110cba8b2d60266253a749267084309a24
parent
136dd8d1e692de0f5b96c6f1da51188737d630b0 [diff]
use only strong ciphers by default

diff --git a/src/http/modules/ngx_http_ssl_module.c b/src/http/modules/ngx_http_ssl_module.c
index 1d67eeb..94000fc 100644
--- a/src/http/modules/ngx_http_ssl_module.c
+++ b/src/http/modules/ngx_http_ssl_module.c

@@ -13,7 +13,7 @@
     ngx_pool_t *pool, ngx_str_t *s);
 
 
-#define NGX_DEFAULT_CIPHERS  "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM"
+#define NGX_DEFAULT_CIPHERS  "HIGH:!ADH:!MD5"
 
 
 static ngx_int_t ngx_http_ssl_static_variable(ngx_http_request_t *r,

diff --git a/src/mail/ngx_mail_ssl_module.c b/src/mail/ngx_mail_ssl_module.c
index c9a9f35..90f2b1b 100644
--- a/src/mail/ngx_mail_ssl_module.c
+++ b/src/mail/ngx_mail_ssl_module.c

@@ -9,7 +9,7 @@
 #include <ngx_mail.h>
 
 
-#define NGX_DEFAULT_CIPHERS  "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM"
+#define NGX_DEFAULT_CIPHERS  "HIGH:!ADH:!MD5"
 
 
 static void *ngx_mail_ssl_create_conf(ngx_conf_t *cf);