Disable SSLv2 by default, it's known to be insecure.

author: Paul Aurich <paul@darkrain42.org> 2009-12-04 09:48:08 -0800
committer: Paul Aurich <paul@darkrain42.org> 2009-12-04 09:48:08 -0800
commit: d92cd1e697553c1a8bd3b10f9326a0af3ec51f6d (patch)
tree: 28d94a882781122a4cae90d5357acc13d33160eb /net/httpserver.lua
parent: 3b8737814d5de1e6ff97dd8b1bd5947c88e20be2 (diff)
download: prosody-d92cd1e697553c1a8bd3b10f9326a0af3ec51f6d.tar.gz
prosody-d92cd1e697553c1a8bd3b10f9326a0af3ec51f6d.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/net/httpserver.lua b/net/httpserver.lua
index 654025ba..ddb68f03 100644
--- a/net/httpserver.lua
+++ b/net/httpserver.lua
@@ -282,6 +282,7 @@ function new_from_config(ports, handle_request, default_options)
 		if ssl then
 			ssl.mode = "server";
 			ssl.protocol = "sslv23";
+			ssl.options = "no_sslv2";
 		end
 		
 		new{ port = port, interface = interface,
author	Paul Aurich <paul@darkrain42.org>	2009-12-04 09:48:08 -0800
committer	Paul Aurich <paul@darkrain42.org>	2009-12-04 09:48:08 -0800
commit	d92cd1e697553c1a8bd3b10f9326a0af3ec51f6d (patch)
tree	28d94a882781122a4cae90d5357acc13d33160eb /net/httpserver.lua
parent	3b8737814d5de1e6ff97dd8b1bd5947c88e20be2 (diff)
download	prosody-d92cd1e697553c1a8bd3b10f9326a0af3ec51f6d.tar.gz prosody-d92cd1e697553c1a8bd3b10f9326a0af3ec51f6d.zip