From 2e1b98f8044935685907e379e194747ecded6ec9 Mon Sep 17 00:00:00 2001
From: Evan Broder <evan@stripe.com>
Date: Sat, 25 Jan 2014 15:51:53 +0000
Subject: [PATCH] Explicitly set a cipher suite list that doesn't include
 EXPORT ciphers

---
 lib/Stripe/ApiRequestor.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/Stripe/ApiRequestor.php b/lib/Stripe/ApiRequestor.php
index 1ee130eb6..728e383a8 100644
--- a/lib/Stripe/ApiRequestor.php
+++ b/lib/Stripe/ApiRequestor.php
@@ -169,6 +169,7 @@ private function _curlRequest($meth, $absUrl, $headers, $params)
     $opts[CURLOPT_TIMEOUT] = 80;
     $opts[CURLOPT_RETURNTRANSFER] = true;
     $opts[CURLOPT_HTTPHEADER] = $headers;
+    $opts[CURLOPT_SSL_CIPHER_LIST] = "DEFAULT:!aNULL:!eNULL:!LOW:!EXPORT:!SSLv2";
     if (!Stripe::$verifySslCerts)
       $opts[CURLOPT_SSL_VERIFYPEER] = false;