diff options
| author | Gilles Chehade <gilles@cvs.openbsd.org> | 2016-09-02 09:43:55 +0000 |
|---|---|---|
| committer | Gilles Chehade <gilles@cvs.openbsd.org> | 2016-09-02 09:43:55 +0000 |
| commit | 75eb5efdca435f749b7d0ce369d3170ac95a1cab (patch) | |
| tree | 1d7fb75185c28c533e5f77a14f09ea26c1e92564 /usr.sbin | |
| parent | fb4fb7c0a200e2baf878cf3b20170094d6518353 (diff) | |
turn server preference for ciphers on by default
ok jsing@
Diffstat (limited to 'usr.sbin')
| -rw-r--r-- | usr.sbin/smtpd/ssl.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/usr.sbin/smtpd/ssl.c b/usr.sbin/smtpd/ssl.c index 1b06966d9fa..882a23283a2 100644 --- a/usr.sbin/smtpd/ssl.c +++ b/usr.sbin/smtpd/ssl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl.c,v 1.86 2016/04/21 14:27:41 jsing Exp $ */ +/* $OpenBSD: ssl.c,v 1.87 2016/09/02 09:43:54 gilles Exp $ */ /* * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org> @@ -267,6 +267,7 @@ ssl_ctx_create(const char *pkiname, char *cert, off_t cert_len, const char *ciph SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TICKET); SSL_CTX_set_options(ctx, SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION); + SSL_CTX_set_options(ctx, SSL_OP_CIPHER_SERVER_PREFERENCE); if (ciphers == NULL) ciphers = SSL_CIPHERS; |