https://issues.shibboleth.net/jira/browse/SSPCPP-647

author Scott Cantor <cantor.2@osu.edu>

Wed, 25 Feb 2015 15:54:01 +0000 (15:54 +0000)

committer Scott Cantor <cantor.2@osu.edu>

Wed, 25 Feb 2015 15:54:01 +0000 (15:54 +0000)
author Scott Cantor <cantor.2@osu.edu>
Wed, 25 Feb 2015 15:54:01 +0000 (15:54 +0000)
committer Scott Cantor <cantor.2@osu.edu>
Wed, 25 Feb 2015 15:54:01 +0000 (15:54 +0000)
diff --git a/xmltooling/soap/impl/CURLSOAPTransport.cpp b/xmltooling/soap/impl/CURLSOAPTransport.cpp

index 241755e..c05184f 100644 (file)
--- a/xmltooling/soap/impl/CURLSOAPTransport.cpp
+++ b/xmltooling/soap/impl/CURLSOAPTransport.cpp
@@ -315,7 +315,7 @@ CURL* CURLPool::get(const SOAPTransport::Address& addr)
      curl_easy_setopt(handle,CURLOPT_FAILONERROR,1);
      // This may (but probably won't) help with < 7.20 bug in DNS caching.
      curl_easy_setopt(handle,CURLOPT_DNS_CACHE_TIMEOUT,120);
      curl_easy_setopt(handle,CURLOPT_FAILONERROR,1);
      // This may (but probably won't) help with < 7.20 bug in DNS caching.
      curl_easy_setopt(handle,CURLOPT_DNS_CACHE_TIMEOUT,120);
-    curl_easy_setopt(handle,CURLOPT_SSL_CIPHER_LIST,"ALL:!aNULL:!LOW:!EXPORT:!SSLv2");
+    curl_easy_setopt(handle,CURLOPT_SSL_CIPHER_LIST,"ALL:!aNULL:!LOW:!EXPORT:!RC4:!SSLv2");
      // Verification of the peer is via TrustEngine only.
      curl_easy_setopt(handle,CURLOPT_SSL_VERIFYPEER,0);
      curl_easy_setopt(handle,CURLOPT_CAINFO,nullptr);
      // Verification of the peer is via TrustEngine only.
      curl_easy_setopt(handle,CURLOPT_SSL_VERIFYPEER,0);
      curl_easy_setopt(handle,CURLOPT_CAINFO,nullptr);
author	Scott Cantor <cantor.2@osu.edu>
	Wed, 25 Feb 2015 15:54:01 +0000 (15:54 +0000)
committer	Scott Cantor <cantor.2@osu.edu>
	Wed, 25 Feb 2015 15:54:01 +0000 (15:54 +0000)