summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorerdgeist <de@gsmk.de>2014-05-07 16:52:59 +0200
committererdgeist <de@gsmk.de>2014-05-07 16:52:59 +0200
commitd2b1eba3f179c1c176bc52e9c539c43845a453c1 (patch)
tree938d01e8617d8153e75e222a09721cbeb2192954
parent11ae08925e5c007eeadbaffc04a62e9d512d75c8 (diff)
use version-independent cipherlist again
-rwxr-xr-xvchat-ssl.c4
1 files changed, 1 insertions, 3 deletions
diff --git a/vchat-ssl.c b/vchat-ssl.c
index 91b25ba..73a56fa 100755
--- a/vchat-ssl.c
+++ b/vchat-ssl.c
@@ -74,10 +74,8 @@ SSL_CTX * vc_create_sslctx( vc_x509store_t *vc_store )
74 SSL_CTX_set_options(ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); 74 SSL_CTX_set_options(ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
75 if (getstroption(CF_CIPHERSUITE)) 75 if (getstroption(CF_CIPHERSUITE))
76 SSL_CTX_set_cipher_list(ctx, getstroption(CF_CIPHERSUITE)); 76 SSL_CTX_set_cipher_list(ctx, getstroption(CF_CIPHERSUITE));
77 else if( OPENSSL_VERSION_NUMBER < 0x10000000L )
78 SSL_CTX_set_cipher_list(ctx, "DHE-RSA-AES256-SHA");
79 else 77 else
80 SSL_CTX_set_cipher_list(ctx, "ECDHE-RSA-AES256-GCM-SHA384"); 78 SSL_CTX_set_cipher_list(ctx, "ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA");
81 79
82 SSL_CTX_set_verify_depth (ctx, getintoption(CF_VERIFYSSL)); 80 SSL_CTX_set_verify_depth (ctx, getintoption(CF_VERIFYSSL));
83 81