From 2135b04296725ceaf496f0174d7bc3bb4867dc9b Mon Sep 17 00:00:00 2001 From: Randy Barlow <randy@electronsweatshop.com> Date: Fri, 10 Nov 2017 22:51:17 -0500 Subject: [PATCH] Use the system ciphers by default. This patch was originally written by Jeremy Cline <jeremy@jcline.org>. Signed-off-by: Randy Barlow <randy@electronsweatshop.com> --- c_src/fast_tls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c_src/fast_tls.c b/c_src/fast_tls.c index 543ebef..eea32c9 100644 --- a/c_src/fast_tls.c +++ b/c_src/fast_tls.c @@ -82,7 +82,7 @@ void __free(void *ptr, size_t size) { #define SSL_CTX_set_ecdh_auto(A, B) do {} while(0) #endif -#define CIPHERS "HIGH:!aNULL:!eNULL:!3DES:@STRENGTH" +#define CIPHERS "PROFILE=SYSTEM" #define PROTOCOL_OPTIONS "no_sslv3|cipher_server_preference|no_compression" static ErlNifResourceType *tls_state_t = NULL; -- 2.15.1