mirrors
/
kore
mirror of https://git.kore.io/kore.git
1
0
Fork 1
Code Issues Projects Releases Wiki Activity

Use SSL_OP_CIPHER_SERVER_PREFERENCE by default.

This commit is contained in:
Joris Vink 2013-08-07 20:42:19 +02:00
parent bbfbfc4c61
commit ff613f4665
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/domain.c
View File

@ -83,9 +83,12 @@ kore_domain_sslstart(struct kore_domain *dom)
SSL_CTX_set_options(dom->ssl_ctx, SSL_OP_NO_COMPRESSION);
SSL_CTX_set_mode(dom->ssl_ctx, SSL_MODE_RELEASE_BUFFERS);
SSL_CTX_set_cipher_list(dom->ssl_ctx, kore_ssl_cipher_list);
SSL_CTX_set_mode(dom->ssl_ctx, SSL_MODE_ENABLE_PARTIAL_WRITE);
SSL_CTX_set_options(dom->ssl_ctx, SSL_OP_NO_SSLv2);
SSL_CTX_set_options(dom->ssl_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
SSL_CTX_set_cipher_list(dom->ssl_ctx, kore_ssl_cipher_list);
SSL_CTX_set_tlsext_servername_callback(dom->ssl_ctx, kore_ssl_sni_cb);
SSL_CTX_set_next_protos_advertised_cb(dom->ssl_ctx,
kore_ssl_npn_cb, NULL);