diff options
Diffstat (limited to 'testing/libtls-standalone/libtls-ciphers.patch')
-rw-r--r-- | testing/libtls-standalone/libtls-ciphers.patch | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/testing/libtls-standalone/libtls-ciphers.patch b/testing/libtls-standalone/libtls-ciphers.patch new file mode 100644 index 00000000000..b0379446558 --- /dev/null +++ b/testing/libtls-standalone/libtls-ciphers.patch @@ -0,0 +1,25 @@ +--- libressl-2.7.4.orig/tls/tls_internal.h ++++ libressl-2.7.4/tls/tls_internal.h +@@ -30,10 +30,10 @@ + #define _PATH_SSL_CA_FILE "/etc/ssl/cert.pem" + #endif + +-#define TLS_CIPHERS_DEFAULT "TLSv1.2+AEAD+ECDHE:TLSv1.2+AEAD+DHE" + #define TLS_CIPHERS_COMPAT "HIGH:!aNULL" + #define TLS_CIPHERS_LEGACY "HIGH:MEDIUM:!aNULL" + #define TLS_CIPHERS_ALL "ALL:!aNULL:!eNULL" ++#define TLS_CIPHERS_DEFAULT TLS_CIPHERS_COMPAT + + #define TLS_ECDHE_CURVES "X25519,P-256,P-384" + +--- libressl-2.7.4.orig/tls/tls_internal.h ++++ libressl-2.7.4/tls/tls_internal.h +@@ -35,7 +35,7 @@ + #define TLS_CIPHERS_ALL "ALL:!aNULL:!eNULL" + #define TLS_CIPHERS_DEFAULT TLS_CIPHERS_COMPAT + +-#define TLS_ECDHE_CURVES "X25519,P-256,P-384" ++#define TLS_ECDHE_CURVES "P-256,P-384" + + union tls_addr { + struct in_addr ip4; |