You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
14 lines
793 B
14 lines
793 B
4 days ago
|
diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c
|
||
|
index cd6d842..7c04700 100644
|
||
|
--- a/src/openvpn/ssl_openssl.c
|
||
|
+++ b/src/openvpn/ssl_openssl.c
|
||
|
@@ -441,7 +441,7 @@ tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers)
|
||
|
/* Use sane default TLS cipher list */
|
||
|
if (!SSL_CTX_set_cipher_list(ctx->ctx,
|
||
|
/* Use openssl's default list as a basis */
|
||
|
- "DEFAULT"
|
||
|
+ "PROFILE=SYSTEM"
|
||
|
/* Disable export ciphers and openssl's 'low' and 'medium' ciphers */
|
||
|
":!EXP:!LOW:!MEDIUM"
|
||
|
/* Disable static (EC)DH keys (no forward secrecy) */
|