Update from 1.0.0-stable

commit: 22c98d4aad76f39ab19e5b63e1448c7d28ca7617 [log] [tgz]
author: Dr. Stephen Henson <steve@openssl.org> Wed Apr 08 16:16:35 2009 +0000
committer: Dr. Stephen Henson <steve@openssl.org> Wed Apr 08 16:16:35 2009 +0000
tree: 5fbd0b38a159c7b210b3456707ae7c0f44ca8b06
parent: cc7399e79cbe45ad363d2a67dd04cb599f9481eb [diff] [blame]
diff --git a/ssl/ssl.h b/ssl/ssl.h
index d0c42fa..a9d1fa5 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h

@@ -324,8 +324,8 @@
 /* The following cipher list is used by default.
  * It also is substituted when an application-defined cipher list string
  * starts with 'DEFAULT'. */
-#define SSL_DEFAULT_CIPHER_LIST	"ALL:!aNULL:!eNULL"
-/* As of OpenSSL 0.9.9, ssl_create_cipher_list() in ssl/ssl_ciph.c always
+#define SSL_DEFAULT_CIPHER_LIST	"ALL:!aNULL:!eNULL:!SSlv2"
+/* As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
  * starts with a reasonable order, and all we have to do for DEFAULT is
  * throwing out anonymous and unencrypted ciphersuites!
  * (The latter are not actually enabled by ALL, but "ALL:RSA" would enable
commit	22c98d4aad76f39ab19e5b63e1448c7d28ca7617	[log] [tgz]
author	Dr. Stephen Henson <steve@openssl.org>	Wed Apr 08 16:16:35 2009 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	Wed Apr 08 16:16:35 2009 +0000
tree	5fbd0b38a159c7b210b3456707ae7c0f44ca8b06
parent	cc7399e79cbe45ad363d2a67dd04cb599f9481eb [diff] [blame]