Skip to content

Commit

Permalink
Update OpenSSL cipher list
Browse files Browse the repository at this point in the history 
This increase security and also fix a recent incompatibility
between OpenSSL and SChannel (SChannel versions patched in a
couple of months).

Signed-off-by: Frediano Ziglio <freddy77@gmail.com>
  • Loading branch information
@freddy77
freddy77 committed Sep 1, 2016
1 parent a41aa03 commit 306aa2f
Showing 1 changed file with 6 additions and 5 deletions.
11 changes: 6 additions & 5 deletions src/tds/tls.c
View file
Expand Up @@ -800,11 +800,12 @@ int
tds_ssl_init(TDSSOCKET *tds)
{
#define OPENSSL_CIPHERS \
"DHE-RSA-AES256-SHA DHE-DSS-AES256-SHA " \
"AES256-SHA EDH-RSA-DES-CBC3-SHA " \
"EDH-DSS-DES-CBC3-SHA DES-CBC3-SHA " \
"DES-CBC3-MD5 DHE-RSA-AES128-SHA " \
"DHE-DSS-AES128-SHA AES128-SHA RC2-CBC-MD5 RC4-SHA RC4-MD5"
"ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES128-SHA " \
"ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA " \
"DHE-RSA-AES256-SHA DHE-RSA-AES128-SHA " \
"AES256-SHA AES128-SHA " \
"DES-CBC3-SHA DHE-DSS-AES256-SHA " \
"DHE-DSS-AES128-SHA EDH-DSS-DES-CBC3-SHA"

SSL *con;
SSL_CTX *ctx;
Expand Down

0 comments on commit 306aa2f

Please sign in to comment.