When choosing a cipher, use the server's preferences.

author David Galeano <davidgaleano@turbulenz.biz>

Thu, 10 Jan 2013 02:14:12 +0000 (10:14 +0800)

committer Kevron Rees <kevron_m_rees@linux.intel.com>

Thu, 7 Mar 2013 21:01:22 +0000 (13:01 -0800)
author David Galeano <davidgaleano@turbulenz.biz>
Thu, 10 Jan 2013 02:14:12 +0000 (10:14 +0800)
committer Kevron Rees <kevron_m_rees@linux.intel.com>
Thu, 7 Mar 2013 21:01:22 +0000 (13:01 -0800)
diff --git a/lib/libwebsockets.c b/lib/libwebsockets.c

index 302dab3..c06557e 100644 (file)
--- a/lib/libwebsockets.c
+++ b/lib/libwebsockets.c
@@ -2730,6 +2730,7 @@ libwebsocket_create_context(int port, const char *interf,
         }
  
         SSL_CTX_set_options(context->ssl_ctx, SSL_OP_NO_COMPRESSION);
+       SSL_CTX_set_options(context->ssl_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
  
         /* client context */
  
@@ -2749,6 +2750,7 @@ libwebsocket_create_context(int port, const char *interf,
                 }
  
                 SSL_CTX_set_options(context->ssl_client_ctx, SSL_OP_NO_COMPRESSION);
+               SSL_CTX_set_options(context->ssl_client_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
  
                 /* openssl init for cert verification (for client sockets) */
                 if (!ssl_ca_filepath) {
author	David Galeano <davidgaleano@turbulenz.biz>
	Thu, 10 Jan 2013 02:14:12 +0000 (10:14 +0800)
committer	Kevron Rees <kevron_m_rees@linux.intel.com>
	Thu, 7 Mar 2013 21:01:22 +0000 (13:01 -0800)