--- ejabberd-13.12/deps/p1_tls/c_src/p1_tls_drv.c.orig	2013-12-23 22:55:13.000000000 +0100
+++ ejabberd-13.12/deps/p1_tls/c_src/p1_tls_drv.c	2014-03-13 14:21:50.000000000 +0100
@@ -47,7 +47,7 @@
 #define SSL_OP_NO_TICKET 0
 #endif
 
-#define CIPHERS "DEFAULT:!EXPORT:!LOW:!RC4:!SSLv2"
+#define CIPHERS "DEFAULT:!EXPORT:!LOW:!RC4:!SSLv2:!3DES"
 
 /*
  * R15B changed several driver callbacks to use ErlDrvSizeT and
@@ -548,13 +548,13 @@ static ErlDrvSSizeT tls_drv_control(ErlD
 	 SSL_set_bio(d->ssl, d->bio_read, d->bio_write);
 
 	 if (command == SET_CERTIFICATE_FILE_ACCEPT) {
-	    options |= (SSL_OP_NO_TICKET|SSL_OP_ALL|SSL_OP_NO_SSLv2);
+	    options |= (SSL_OP_NO_TICKET|SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3);
 
 	    SSL_set_options(d->ssl, options);
 
 	    SSL_set_accept_state(d->ssl);
 	 } else {
-	    options |= (SSL_OP_NO_TICKET|SSL_OP_NO_SSLv2);
+	    options |= (SSL_OP_NO_TICKET|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3);
 
 	    SSL_set_options(d->ssl, options);