upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2026-02-09 22:03:15 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

- Fix #1227: Fix that Unbound control allows weak ciphersuits.

Browse source 
git-svn-id: file:///svn/unbound/trunk@4029 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
Wouter Wijngaards 2017-02-27 15:24:58 +00:00
parent 7455717359
commit 791767d62f
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
daemon/remote.c
View file

@ -260,6 +260,8 @@ daemon_remote_create(struct config_file* cfg)
return NULL;
}
#endif
if(!SSL_CTX_set_cipher_list(rc->ctx, "DEFAULT:!CAMELLIA128:!CAMELLIA256:!SEED:!IDEA:!RC4:!3DES:!DES:!MD5:!SHA:!sect283k1:!sect283r1:!sect409k1:!sect409r1:!sect571k1:!sect571r1:!secp256k1:!brainpoolP256r1:!brainpoolP384r1:!brainpoolP512r1"))
log_crypto_err("coult not set cipher list with SSL_CTX_set_cipher_list");
if (cfg->remote_control_use_cert == 0) {
/* No certificates are requested */