so in the source tree: modules/ssl in: ssl_engine_config.c I see two lines: arg = apr_pstrcat(cmd->pool, "!aNULL:!eNULL:!EXP:", arg, NULL); and tossed eNULL out in: ssl_engine_init.c I see a line: apr_pstrcat(ptemp, "!aNULL:!eNULL:!EXP:", SSL_DEFAULT_CIPHER_LIST,these 3 locations are the only places where NULL ciphers are excluded, right?
RonP.S: why not make it an option that can be configured and where the default 'setting' is "no NULL ciphers" ?
--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|