Added private macro CIPHERS_LIST_STRING to define ciphers list string.

diff --git a/lib/libwebsockets.c b/lib/libwebsockets.c
index c06557e..9601113 100644 (file)
--- a/lib/libwebsockets.c
+++ b/lib/libwebsockets.c
@@ -2731,6 +2731,7 @@ libwebsocket_create_context(int port, const char *interf,
 
        SSL_CTX_set_options(context->ssl_ctx, SSL_OP_NO_COMPRESSION);
        SSL_CTX_set_options(context->ssl_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
+       SSL_CTX_set_cipher_list(context->ssl_ctx, CIPHERS_LIST_STRING);
 
        /* client context */
 
@@ -2751,6 +2752,7 @@ libwebsocket_create_context(int port, const char *interf,
 
                SSL_CTX_set_options(context->ssl_client_ctx, SSL_OP_NO_COMPRESSION);
                SSL_CTX_set_options(context->ssl_client_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
+               SSL_CTX_set_cipher_list(context->ssl_client_ctx, CIPHERS_LIST_STRING);
 
                /* openssl init for cert verification (for client sockets) */
                if (!ssl_ca_filepath) {

diff --git a/lib/private-libwebsockets.h b/lib/private-libwebsockets.h
index a5a11a7..baf2a81 100644 (file)
--- a/lib/private-libwebsockets.h
+++ b/lib/private-libwebsockets.h
@@ -129,6 +129,7 @@ void debug(const char *format, ...)
 #define LWS_MAX_EXTENSIONS_ACTIVE 10
 #define SPEC_LATEST_SUPPORTED 13
 #define AWAITING_TIMEOUT 5
+#define CIPHERS_LIST_STRING "DEFAULT"
 
 #define MAX_WEBSOCKET_04_KEY_LEN 128
 #define SYSTEM_RANDOM_FILEPATH "/dev/urandom"