From 31c75c7ca7e9fc061860e83378135b9f5ff8de80 Mon Sep 17 00:00:00 2001
From: Parag A Nemade <pnemade@fedoraproject.org>
Date: Sat, 14 Mar 2020 12:37:33 +0530
Subject: [PATCH] Fix the cipher list string to ensure that it contains
 PROFILE=SYSTEM as default

---
 url.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/url.c b/url.c
index 1c17e18..6fd4ce4 100644
--- a/url.c
+++ b/url.c
@@ -331,7 +331,7 @@ openSSLHandle(int sock, char *hostname, char **p_cert)
 #endif
 	if (!(ssl_ctx = SSL_CTX_new(SSLv23_client_method())))
 	    goto eend;
-	SSL_CTX_set_cipher_list(ssl_ctx, "DEFAULT:!LOW:!RC4:!EXP");
+	SSL_CTX_set_cipher_list(ssl_ctx, "PROFILE=SYSTEM");
 	option = SSL_OP_ALL;
 	if (ssl_forbid_method) {
 	    if (strchr(ssl_forbid_method, '2'))
-- 
2.9.3