m_ssl_openssl Use the system default cipher list if no cipher list is specifed

author: attilamolnar <attilamolnar@hush.com> 2012-07-13 21:32:41 +0200
committer: attilamolnar <attilamolnar@hush.com> 2012-07-13 21:43:20 +0200
commit: 73a4a37376fdf42c70c73ae5d8f8e933c3f28a61 (patch)
tree: 5bab3c554d24673df068b7f495c37e59846277dc /src
parent: 74ee9af96639323d852a8b15be72ee9974e0a826 (diff)
1 files changed, 8 insertions, 5 deletions
diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp
index fa9442a00..649b425c2 100644
--- a/src/modules/extra/m_ssl_openssl.cpp
+++ b/src/modules/extra/m_ssl_openssl.cpp
@@ -198,14 +198,17 @@ class ModuleSSLOpenSSL : public Module
 			throw ModuleException("Unknown hash type " + hash);
 		use_sha = (hash == "sha1");
 
-		std::string ciphers = conf->getString("ciphers", "ALL");
-		if ((!SSL_CTX_set_cipher_list(ctx, ciphers.c_str())) || (!SSL_CTX_set_cipher_list(clictx, ciphers.c_str())))
+		std::string ciphers = conf->getString("ciphers", "");
+
+		if (!ciphers.empty())
 		{
-			ServerInstance->Logs->Log("m_ssl_openssl",DEFAULT, "m_ssl_openssl.so: Can't set cipher list to %s.", ciphers.c_str());
-			ERR_print_errors_cb(error_callback, this);
+			if ((!SSL_CTX_set_cipher_list(ctx, ciphers.c_str())) || (!SSL_CTX_set_cipher_list(clictx, ciphers.c_str())))
+			{
+				ServerInstance->Logs->Log("m_ssl_openssl",DEFAULT, "m_ssl_openssl.so: Can't set cipher list to %s.", ciphers.c_str());
+				ERR_print_errors_cb(error_callback, this);
+			}
 		}
 
-
 		/* Load our keys and certificates
 		 * NOTE: OpenSSL's error logging API sucks, don't blame us for this clusterfuck.
 		 */
author	attilamolnar <attilamolnar@hush.com>	2012-07-13 21:32:41 +0200
committer	attilamolnar <attilamolnar@hush.com>	2012-07-13 21:43:20 +0200
commit	73a4a37376fdf42c70c73ae5d8f8e933c3f28a61 (patch)
tree	5bab3c554d24673df068b7f495c37e59846277dc /src
parent	74ee9af96639323d852a8b15be72ee9974e0a826 (diff)