use !aNULL to disable all anonymous cipher suites patch by Rob Stradling

commit: 8d7b1d222e7a7a9de35594eac18bd00308d5e7f9 [log] [tgz]
author: Igor Sysoev <igor@sysoev.ru> Mon Jun 27 15:47:51 2011 +0000
committer: Igor Sysoev <igor@sysoev.ru> Mon Jun 27 15:47:51 2011 +0000
tree: d0b96b9b6f6e4bbd64fea9f6d507255b9cc44c3f
parent: 0a860a1c1d9f521eb9ffc5e4d336b5de11b473a0 [diff]
diff --git a/conf/nginx.conf b/conf/nginx.conf
index 672ce8c..3bb3389 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf

@@ -106,7 +106,7 @@
     #    ssl_session_timeout  5m;
 
     #    ssl_protocols  SSLv2 SSLv3 TLSv1;
-    #    ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
+    #    ssl_ciphers  HIGH:!aNULL:!MD5;
     #    ssl_prefer_server_ciphers   on;
 
     #    location / {

diff --git a/src/http/modules/ngx_http_ssl_module.c b/src/http/modules/ngx_http_ssl_module.c
index ee6cc6f..1860050 100644
--- a/src/http/modules/ngx_http_ssl_module.c
+++ b/src/http/modules/ngx_http_ssl_module.c

@@ -13,7 +13,7 @@
     ngx_pool_t *pool, ngx_str_t *s);
 
 
-#define NGX_DEFAULT_CIPHERS  "HIGH:!ADH:!MD5"
+#define NGX_DEFAULT_CIPHERS  "HIGH:!aNULL:!MD5"
 
 
 static ngx_int_t ngx_http_ssl_static_variable(ngx_http_request_t *r,

diff --git a/src/mail/ngx_mail_ssl_module.c b/src/mail/ngx_mail_ssl_module.c
index de463e9..9dd9dfd 100644
--- a/src/mail/ngx_mail_ssl_module.c
+++ b/src/mail/ngx_mail_ssl_module.c

@@ -9,7 +9,7 @@
 #include <ngx_mail.h>
 
 
-#define NGX_DEFAULT_CIPHERS  "HIGH:!ADH:!MD5"
+#define NGX_DEFAULT_CIPHERS  "HIGH:!aNULL:!MD5"
 
 
 static void *ngx_mail_ssl_create_conf(ngx_conf_t *cf);
commit	8d7b1d222e7a7a9de35594eac18bd00308d5e7f9	[log] [tgz]
author	Igor Sysoev <igor@sysoev.ru>	Mon Jun 27 15:47:51 2011 +0000
committer	Igor Sysoev <igor@sysoev.ru>	Mon Jun 27 15:47:51 2011 +0000
tree	d0b96b9b6f6e4bbd64fea9f6d507255b9cc44c3f
parent	0a860a1c1d9f521eb9ffc5e4d336b5de11b473a0 [diff]