]>
Commit | Line | Data |
---|---|---|
69772b7d PM |
1 | diff -Naur openssl-1.1.1c.orig/include/openssl/ssl.h openssl-1.1.1c/include/openssl/ssl.h |
2 | --- openssl-1.1.1c.orig/include/openssl/ssl.h 2019-06-10 20:41:21.209140012 +0200 | |
3 | +++ openssl-1.1.1c/include/openssl/ssl.h 2019-06-10 20:42:26.733973129 +0200 | |
32ba4314 EK |
4 | @@ -170,11 +170,11 @@ |
5 | * an application-defined cipher list string starts with 'DEFAULT'. | |
6 | * This applies to ciphersuites for TLSv1.2 and below. | |
7 | */ | |
8 | -# define SSL_DEFAULT_CIPHER_LIST "ALL:!COMPLEMENTOFDEFAULT:!eNULL" | |
69772b7d | 9 | +# define SSL_DEFAULT_CIPHER_LIST "CHACHA20:HIGH:+aRSA:+SHA384:+SHA256:+DH:+SHA:+kRSA:!eNULL:!aNULL:!PSK:!SRP:!AESCCM:!DSS" |
32ba4314 EK |
10 | /* This is the default set of TLSv1.3 ciphersuites */ |
11 | # if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) | |
12 | -# define TLS_DEFAULT_CIPHERSUITES "TLS_AES_256_GCM_SHA384:" \ | |
13 | - "TLS_CHACHA20_POLY1305_SHA256:" \ | |
14 | +# define TLS_DEFAULT_CIPHERSUITES "TLS_CHACHA20_POLY1305_SHA256:" \ | |
15 | + "TLS_AES_256_GCM_SHA384:" \ | |
16 | "TLS_AES_128_GCM_SHA256" | |
17 | # else | |
18 | # define TLS_DEFAULT_CIPHERSUITES "TLS_AES_256_GCM_SHA384:" \ |