X-Git-Url: https://code.citadel.org/?a=blobdiff_plain;f=webcit%2Fcrypto.c;h=344dc6a5a83c41999b8ab840ab74cb93408638da;hb=22c01fa65b42abcb91f8d6dfd976c04bdf811815;hp=0545b7260fa31c2217f074352c3d9ac7ebec30d4;hpb=a636e0aa7c9703f3fc8dfe5e36c680a00c17024a;p=citadel.git

diff --git a/webcit/crypto.c b/webcit/crypto.c
index 0545b7260..344dc6a5a 100644
--- a/webcit/crypto.c
+++ b/webcit/crypto.c
@@ -14,10 +14,10 @@
 #define CTDL_CSR_PATH		file_crpt_file_csr
 #define CTDL_CER_PATH		file_crpt_file_cer
 #define SIGN_DAYS		3650			/* how long our certificate should live */
-#define WEBCIT_CIPHER_LIST	"DEFAULT"		/* See http://openssl.org/docs/apps/ciphers.html */
 
 SSL_CTX *ssl_ctx;		/* SSL context */
 pthread_mutex_t **SSLCritters;	/* Things needing locking */
+char *ssl_cipher_list = DEFAULT_SSL_CIPHER_LIST;
 
 pthread_key_t ThreadSSL;	/* Per-thread SSL context */
 
@@ -96,12 +96,12 @@ void init_ssl(void)
 		return;
 	}
 
-	if (!(SSL_CTX_set_cipher_list(ssl_ctx, WEBCIT_CIPHER_LIST))) {
+	lprintf(9, "Requesting cipher list: %s\n", ssl_cipher_list);
+	if (!(SSL_CTX_set_cipher_list(ssl_ctx, ssl_cipher_list))) {
 		lprintf(3, "SSL_CTX_set_cipher_list failed: %s\n", ERR_reason_error_string(ERR_get_error()));
 		return;
 	}
 
-
 	CRYPTO_set_locking_callback(ssl_lock);
 	CRYPTO_set_id_callback(id_callback);