projects
/
oweals
/
openwrt-ustream-ssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
ustream-ssl: Remove RC4 from ciphersuite in server mode.
[oweals/openwrt-ustream-ssl.git]
/
ustream-openssl.c
diff --git
a/ustream-openssl.c
b/ustream-openssl.c
index 2faa8557fbb32384aceb3b8346b404eebf2cba56..eb03dab1ac1dd08f4db5901d56c852d6607ce4fc 100644
(file)
--- a/
ustream-openssl.c
+++ b/
ustream-openssl.c
@@
-52,6
+52,8
@@
__ustream_ssl_context_new(bool server)
#ifndef OPENSSL_NO_ECDH
SSL_CTX_set_ecdh_auto(c, 1);
#endif
+ if (server)
+ SSL_CTX_set_cipher_list(c, "DEFAULT:!RC4:@STRENGTH");
SSL_CTX_set_quiet_shutdown(c, 1);
return (void *) c;