[ssl] disable SSL3.0 by default

From: Stefan Bühler <stbuehler@web.de> git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2969 152afb58-edef-0310-8abb-c4023f1b3aa9
author: Stefan Bühler <stbuehler@web.de> 2014-10-16 17:52:14 +0000
committer: Stefan Bühler <stbuehler@web.de> 2014-10-16 17:52:14 +0000
commit: 084df7e99a8738be79f83e330415a8963280dc4a (patch)
tree: 0dde9d14f480219fc050d30d1ddf7f531f5986f2
parent: 4a6838103d8a6de025dcce1adfa6f508f17b3c16 (diff)
download: lighttpd-git-084df7e99a8738be79f83e330415a8963280dc4a.tar.gz
2 files changed, 2 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 7260fc5f..a7029418 100644
--- a/NEWS
+++ b/NEWS
@@ -10,6 +10,7 @@ NEWS
   * add support for (Free)BSD extended attributes
   * [build] use fortify flags with "extra-warnings"
   * [mod_dirlisting,mod_redirect,mod_rewrite] abort config parsing if pcre-compile fails or isn't available
+  * [ssl] disable SSL3.0 by default
 
 - 1.4.35 - 2014-03-12
   * [network/ssl] fix build error if TLSEXT is disabled
diff --git a/src/configfile.c b/src/configfile.c
index 1e96ce09..bf9a34d8 100644
--- a/src/configfile.c
+++ b/src/configfile.c
@@ -182,7 +182,7 @@ static int config_insert(server *srv) {
 		s->ssl_honor_cipher_order = 1;
 		s->ssl_empty_fragments = 0;
 		s->ssl_use_sslv2 = 0;
-		s->ssl_use_sslv3 = 1;
+		s->ssl_use_sslv3 = 0;
 		s->use_ipv6      = 0;
 		s->set_v6only    = 1;
 		s->defer_accept  = 0;
author	Stefan Bühler <stbuehler@web.de>	2014-10-16 17:52:14 +0000
committer	Stefan Bühler <stbuehler@web.de>	2014-10-16 17:52:14 +0000
commit	084df7e99a8738be79f83e330415a8963280dc4a (patch)
tree	0dde9d14f480219fc050d30d1ddf7f531f5986f2
parent	4a6838103d8a6de025dcce1adfa6f508f17b3c16 (diff)
download	lighttpd-git-084df7e99a8738be79f83e330415a8963280dc4a.tar.gz