Disable ciphers that use keys smaller than 128 bits

Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/w3m/+bug/1325674
2014-06-23 22:32:21 +09:00
parent dbd52ac2ca
commit 3335b5e824
1 changed files with 1 additions and 0 deletions
--- a/url.c
+++ b/url.c
@@ -326,6 +326,7 @@ openSSLHandle(int sock, char *hostname, char **p_cert)
 	SSL_load_error_strings();
 	if (!(ssl_ctx = SSL_CTX_new(SSLv23_client_method())))
 	    goto eend;
+	SSL_CTX_set_cipher_list(ssl_ctx, "DEFAULT:!LOW:!EXP");
 	option = SSL_OP_ALL;
 	if (ssl_forbid_method) {
 	    if (strchr(ssl_forbid_method, '2'))