diff options
| author | attilamolnar <attilamolnar@hush.com> | 2012-07-13 21:32:41 +0200 |
|---|---|---|
| committer | attilamolnar <attilamolnar@hush.com> | 2012-07-13 21:43:20 +0200 |
| commit | 73a4a37376fdf42c70c73ae5d8f8e933c3f28a61 (patch) | |
| tree | 5bab3c554d24673df068b7f495c37e59846277dc | |
| parent | 74ee9af96639323d852a8b15be72ee9974e0a826 (diff) | |
m_ssl_openssl Use the system default cipher list if no cipher list is specifed
| -rw-r--r-- | src/modules/extra/m_ssl_openssl.cpp | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp index fa9442a00..649b425c2 100644 --- a/src/modules/extra/m_ssl_openssl.cpp +++ b/src/modules/extra/m_ssl_openssl.cpp @@ -198,14 +198,17 @@ class ModuleSSLOpenSSL : public Module throw ModuleException("Unknown hash type " + hash); use_sha = (hash == "sha1"); - std::string ciphers = conf->getString("ciphers", "ALL"); - if ((!SSL_CTX_set_cipher_list(ctx, ciphers.c_str())) || (!SSL_CTX_set_cipher_list(clictx, ciphers.c_str()))) + std::string ciphers = conf->getString("ciphers", ""); + + if (!ciphers.empty()) { - ServerInstance->Logs->Log("m_ssl_openssl",DEFAULT, "m_ssl_openssl.so: Can't set cipher list to %s.", ciphers.c_str()); - ERR_print_errors_cb(error_callback, this); + if ((!SSL_CTX_set_cipher_list(ctx, ciphers.c_str())) || (!SSL_CTX_set_cipher_list(clictx, ciphers.c_str()))) + { + ServerInstance->Logs->Log("m_ssl_openssl",DEFAULT, "m_ssl_openssl.so: Can't set cipher list to %s.", ciphers.c_str()); + ERR_print_errors_cb(error_callback, this); + } } - /* Load our keys and certificates * NOTE: OpenSSL's error logging API sucks, don't blame us for this clusterfuck. */ |