Hello! On Sun, Sep 22, 2013 at 10:40:23PM -0700, Piotr Sikora wrote:
> # HG changeset patch > # User Piotr Sikora <[email protected]> > # Date 1379914582 25200 > # Sun Sep 22 22:36:22 2013 -0700 > # Node ID 1039d5b5365dd553a5cc3fbca95a6f3aa9ff6dc2 > # Parent 0fbcfab0bfd72dbc40c3ee75665e81a08ed2fa0b > Proxy: added the "proxy_ssl_ciphers" directive. Already asked in another thread if it really worth adding. [...] > +#define NGX_DEFAULT_CIPHERS "HIGH:!aNULL:!MD5" [...] > + ngx_conf_merge_str_value(conf->ssl_ciphers, prev->ssl_ciphers, > + NGX_DEFAULT_CIPHERS); This modifies current behaviour, and only allows to use HIGH:!aNULL:!MD5 chipers by default. Are there any specific reasons to? The "!aNULL" looks especially wierd, as we don't check peers certificates anyway. -- Maxim Dounin http://nginx.org/en/donation.html _______________________________________________ nginx-devel mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx-devel
