free
/
freedombone
Obserwuj 1
Gwiazdka 0
Forkuj 0
Kod Problemy 0 Pull Requests 0 Wydania 0 Wiki Aktywność
Przeglądaj źródła

Switch to mozilla recommended ciphers 

These work better on Android devices
Bob Mottram 8 lat temu
rodzic
490a6c9982
commit
407309fe8a
1 zmienionych plików z 3 dodań i 2 usunięć
Zunifikowany widok Pokaż statystyki zmian
  1. 3
    2
      src/freedombone-utils-web

+ 3
- 2
src/freedombone-utils-web Wyświetl plik

41 
 # list of encryption protocols
 41 
 # list of encryption protocols
42 
 SSL_PROTOCOLS="TLSv1 TLSv1.1 TLSv1.2"
 42 
 SSL_PROTOCOLS="TLSv1 TLSv1.1 TLSv1.2"
43
43
44 
-# list of ciphers to use.  See bettercrypto.org recommendations
45 
-SSL_CIPHERS="EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA"
44 
+# Mozilla recommended default ciphers. These work better on Android
45 
+# See https://wiki.mozilla.org/Security/Server_Side_TLS
46 
+SSL_CIPHERS="ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS"
46
47
47 
 NGINX_ENSITE_REPO="https://github.com/perusio/nginx_ensite"
 48 
 NGINX_ENSITE_REPO="https://github.com/perusio/nginx_ensite"
48 
 NGINX_ENSITE_COMMIT='fa4d72ce1c0a490442c8474e9c8dc21ed52c93d0'
 49 
 NGINX_ENSITE_COMMIT='fa4d72ce1c0a490442c8474e9c8dc21ed52c93d0'