From 73a4a37376fdf42c70c73ae5d8f8e933c3f28a61 Mon Sep 17 00:00:00 2001
From: attilamolnar <attilamolnar@hush.com>
Date: Fri, 13 Jul 2012 21:32:41 +0200
Subject: m_ssl_openssl Use the system default cipher list if no cipher list is
 specifed

---
 src/modules/extra/m_ssl_openssl.cpp | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

(limited to 'src')

diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp
index fa9442a00..649b425c2 100644
--- a/src/modules/extra/m_ssl_openssl.cpp
+++ b/src/modules/extra/m_ssl_openssl.cpp
@@ -198,14 +198,17 @@ class ModuleSSLOpenSSL : public Module
 			throw ModuleException("Unknown hash type " + hash);
 		use_sha = (hash == "sha1");
 
-		std::string ciphers = conf->getString("ciphers", "ALL");
-		if ((!SSL_CTX_set_cipher_list(ctx, ciphers.c_str())) || (!SSL_CTX_set_cipher_list(clictx, ciphers.c_str())))
+		std::string ciphers = conf->getString("ciphers", "");
+
+		if (!ciphers.empty())
 		{
-			ServerInstance->Logs->Log("m_ssl_openssl",DEFAULT, "m_ssl_openssl.so: Can't set cipher list to %s.", ciphers.c_str());
-			ERR_print_errors_cb(error_callback, this);
+			if ((!SSL_CTX_set_cipher_list(ctx, ciphers.c_str())) || (!SSL_CTX_set_cipher_list(clictx, ciphers.c_str())))
+			{
+				ServerInstance->Logs->Log("m_ssl_openssl",DEFAULT, "m_ssl_openssl.so: Can't set cipher list to %s.", ciphers.c_str());
+				ERR_print_errors_cb(error_callback, this);
+			}
 		}
 
-
 		/* Load our keys and certificates
 		 * NOTE: OpenSSL's error logging API sucks, don't blame us for this clusterfuck.
 		 */
-- 
cgit v1.2.3