From d2b1eba3f179c1c176bc52e9c539c43845a453c1 Mon Sep 17 00:00:00 2001 From: erdgeist Date: Wed, 7 May 2014 16:52:59 +0200 Subject: use version-independent cipherlist again --- vchat-ssl.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/vchat-ssl.c b/vchat-ssl.c index 91b25ba..73a56fa 100755 --- a/vchat-ssl.c +++ b/vchat-ssl.c @@ -74,10 +74,8 @@ SSL_CTX * vc_create_sslctx( vc_x509store_t *vc_store ) SSL_CTX_set_options(ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); if (getstroption(CF_CIPHERSUITE)) SSL_CTX_set_cipher_list(ctx, getstroption(CF_CIPHERSUITE)); - else if( OPENSSL_VERSION_NUMBER < 0x10000000L ) - SSL_CTX_set_cipher_list(ctx, "DHE-RSA-AES256-SHA"); else - SSL_CTX_set_cipher_list(ctx, "ECDHE-RSA-AES256-GCM-SHA384"); + SSL_CTX_set_cipher_list(ctx, "ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA"); SSL_CTX_set_verify_depth (ctx, getintoption(CF_VERIFYSSL)); -- cgit v1.2.3