darwinssl: disable insecure ciphers by default

I noticed that aria2's SecureTransport code disables insecure ciphers such as NULL, anonymous, IDEA, and weak-key ciphers used by SSLv3 and later. That's a good idea, and now we do the same thing in order to prevent curl from accessing a "secure" site that only negotiates insecure ciphersuites.
author: Nick Zitzmann <nickzman@gmail.com> 2013-04-08 17:07:20 -0600
committer: Nick Zitzmann <nickzman@gmail.com> 2013-04-08 17:07:20 -0600
commit: d7f4c3772e72ffc909a2823cec0766757eaf1245 (patch)
tree: 658194beebcca71241dc9be96d09fa94edb4c7ad /RELEASE-NOTES
parent: 29fdb2700f7979e71b8828c18e0e157a44b6db53 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index e9872386d..97f6d79b3 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -78,6 +78,7 @@ This release includes the following bugfixes:
  o winssl: Fixed memory leak if connection was not successful
  o FTP: wait on both connections during active STOR state [21]
  o connect: treat a failed local bind of an interface as a non-fatal error [22]
+ o darwinssl: disable insecure ciphers by default
 
 This release includes the following known bugs:
author	Nick Zitzmann <nickzman@gmail.com>	2013-04-08 17:07:20 -0600
committer	Nick Zitzmann <nickzman@gmail.com>	2013-04-08 17:07:20 -0600
commit	d7f4c3772e72ffc909a2823cec0766757eaf1245 (patch)
tree	658194beebcca71241dc9be96d09fa94edb4c7ad /RELEASE-NOTES
parent	29fdb2700f7979e71b8828c18e0e157a44b6db53 (diff)