From 2135b04296725ceaf496f0174d7bc3bb4867dc9b Mon Sep 17 00:00:00 2001
From: Randy Barlow <randy@electronsweatshop.com>
Date: Fri, 10 Nov 2017 22:51:17 -0500
Subject: [PATCH] Use the system ciphers by default.
This patch was originally written by
Jeremy Cline <jeremy@jcline.org>.
Signed-off-by: Randy Barlow <randy@electronsweatshop.com>
---
c_src/fast_tls.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/c_src/fast_tls.c b/c_src/fast_tls.c
index 543ebef..eea32c9 100644
--- a/c_src/fast_tls.c
+++ b/c_src/fast_tls.c
@@ -82,7 +82,7 @@ void __free(void *ptr, size_t size) {
#define SSL_CTX_set_ecdh_auto(A, B) do {} while(0)
#endif
-#define CIPHERS "HIGH:!aNULL:!eNULL:!3DES:@STRENGTH"
+#define CIPHERS "PROFILE=SYSTEM"
#define PROTOCOL_OPTIONS "no_sslv3|cipher_server_preference|no_compression"
static ErlNifResourceType *tls_state_t = NULL;
--
2.15.1