diff options
Diffstat (limited to 'src/openvpn')
| -rw-r--r-- | src/openvpn/ssl_openssl.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c index 7ad7eab..f079652 100644 --- a/src/openvpn/ssl_openssl.c +++ b/src/openvpn/ssl_openssl.c @@ -219,7 +219,9 @@ tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers) { if (ciphers == NULL) { - /* Nothing to do */ + /* Use sane default */ + if(!SSL_CTX_set_cipher_list(ctx->ctx, "DEFAULT:!EXP")) + msg(M_SSLERR, "Failed to set default TLS cipher list."); return; } |