blob: a243c611131ac47fce377e9b1fa67b047855d547 (
plain) (
tree)
|
|
Subject: Disable ciphers that use keys smaller than 128 bits
From: Tatsuya Kinoshita <tats@debian.org>
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/w3m/+bug/1325674
diff --git a/url.c b/url.c
index ed6062e..e6b51c8 100644
--- a/url.c
+++ b/url.c
@@ -326,6 +326,7 @@ openSSLHandle(int sock, char *hostname, char **p_cert)
SSL_load_error_strings();
if (!(ssl_ctx = SSL_CTX_new(SSLv23_client_method())))
goto eend;
+ SSL_CTX_set_cipher_list(ssl_ctx, "DEFAULT:!LOW:!EXP");
option = SSL_OP_ALL;
if (ssl_forbid_method) {
if (strchr(ssl_forbid_method, '2'))
|