diff options
| author | Steven Fackler <[email protected]> | 2017-09-16 13:10:55 -0400 |
|---|---|---|
| committer | Steven Fackler <[email protected]> | 2017-09-16 13:10:55 -0400 |
| commit | 7d41009a9c10e54d0b287e6094cc89c14fc1a95c (patch) | |
| tree | 3a70cbd92d08df508abb4abd089e6259ab51bf05 /openssl/src | |
| parent | Fix indentation (diff) | |
| download | rust-openssl-7d41009a9c10e54d0b287e6094cc89c14fc1a95c.tar.xz rust-openssl-7d41009a9c10e54d0b287e6094cc89c14fc1a95c.zip | |
Update default client cipher list
Diffstat (limited to 'openssl/src')
| -rw-r--r-- | openssl/src/ssl/connector.rs | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/openssl/src/ssl/connector.rs b/openssl/src/ssl/connector.rs index 24d938fb..8f568054 100644 --- a/openssl/src/ssl/connector.rs +++ b/openssl/src/ssl/connector.rs @@ -66,10 +66,13 @@ impl SslConnectorBuilder { pub fn new(method: SslMethod) -> Result<SslConnectorBuilder, ErrorStack> { let mut ctx = try!(ctx(method)); try!(ctx.set_default_verify_paths()); - // From https://github.com/python/cpython/blob/c30098c8c6014f3340a369a31df9c74bdbacc269/Lib/ssl.py#L191 + // From https://github.com/python/cpython/blob/a170fa162dc03f0a014373349e548954fff2e567/Lib/ssl.py#L193 try!(ctx.set_cipher_list( - "ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:DH+CHACHA20:ECDH+AES256:DH+AES256:ECDH+AES128:\ - DH+AES:ECDH+HIGH:DH+HIGH:RSA+AESGCM:RSA+AES:RSA+HIGH:!aNULL:!eNULL:!MD5:!3DES", + "TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:\ + TLS13-AES-128-GCM-SHA256:\ + ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:DH+CHACHA20:ECDH+AES256:DH+AES256:\ + ECDH+AES128:DH+AES:ECDH+HIGH:DH+HIGH:RSA+AESGCM:RSA+AES:RSA+HIGH:\ + !aNULL:!eNULL:!MD5:!3DES" )); setup_verify(&mut ctx); |