From e749c5d7847cea3781210e61227214f184c3be61 Mon Sep 17 00:00:00 2001
From: Vincent Richard <vincent@vincent-richard.net>
Date: Mon, 23 Sep 2013 13:33:31 +0200
Subject: [PATCH] Order ciphers according to strength and always exclude ADH
 (OpenSSL).

---
 src/net/tls/openssl/TLSProperties_OpenSSL.cpp | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/net/tls/openssl/TLSProperties_OpenSSL.cpp b/src/net/tls/openssl/TLSProperties_OpenSSL.cpp
index 0efc33c9..34e31cf1 100644
--- a/src/net/tls/openssl/TLSProperties_OpenSSL.cpp
+++ b/src/net/tls/openssl/TLSProperties_OpenSSL.cpp
@@ -60,23 +60,23 @@ void TLSProperties::setCipherSuite(const GenericCipherSuite cipherSuite)
 	{
 	case CIPHERSUITE_HIGH:
 
-		setCipherSuite("HIGH");
+		setCipherSuite("HIGH:!ADH:@STRENGTH");
 		break;
 
 	case CIPHERSUITE_MEDIUM:
 
-		setCipherSuite("MEDIUM");
+		setCipherSuite("MEDIUM:!ADH:@STRENGTH");
 		break;
 
 	case CIPHERSUITE_LOW:
 
-		setCipherSuite("LOW");
+		setCipherSuite("LOW:!ADH:@STRENGTH");
 		break;
 
 	default:
 	case CIPHERSUITE_DEFAULT:
 
-		setCipherSuite("DEFAULT");
+		setCipherSuite("DEFAULT:!ADH:@STRENGTH");
 		break;
 	}
 }