From cc3e75fc625400018a8e7de4b0d70ceca5485485 Mon Sep 17 00:00:00 2001
From: Anthony Minessale <anthm@freeswitch.org>
Date: Mon, 4 Mar 2013 15:16:18 -0600
Subject: [PATCH] omit weak ciphers to prevent hackage

---
 libs/sofia-sip/.update                               | 2 +-
 libs/sofia-sip/libsofia-sip-ua/tport/tport_type_ws.c | 2 ++
 libs/sofia-sip/libsofia-sip-ua/tport/ws.c            | 2 ++
 3 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/libs/sofia-sip/.update b/libs/sofia-sip/.update
index 0114190bd8..6335ac54bb 100644
--- a/libs/sofia-sip/.update
+++ b/libs/sofia-sip/.update
@@ -1 +1 @@
-Wed Mar  6 12:57:17 CST 2013
+Wed Mar  6 13:01:54 CST 2013
diff --git a/libs/sofia-sip/libsofia-sip-ua/tport/tport_type_ws.c b/libs/sofia-sip/libsofia-sip-ua/tport/tport_type_ws.c
index 75c11a67e0..616937d7e7 100644
--- a/libs/sofia-sip/libsofia-sip-ua/tport/tport_type_ws.c
+++ b/libs/sofia-sip/libsofia-sip-ua/tport/tport_type_ws.c
@@ -388,6 +388,8 @@ static int tport_ws_init_primary_secure(tport_primary_t *pri,
 	  goto done;
   }
 
+  SSL_CTX_set_cipher_list(wspri->ssl_ctx, "HIGH:!DSS:!aNULL@STRENGTH");
+
   ret = tport_ws_init_primary(pri, tpn, ai, tags, return_culprit);
 
  done:
diff --git a/libs/sofia-sip/libsofia-sip-ua/tport/ws.c b/libs/sofia-sip/libsofia-sip-ua/tport/ws.c
index f66dcc3016..57515b4a79 100644
--- a/libs/sofia-sip/libsofia-sip-ua/tport/ws.c
+++ b/libs/sofia-sip/libsofia-sip-ua/tport/ws.c
@@ -91,6 +91,8 @@ void init_ssl(void) {
 		abort();
     }
 
+	SSL_CTX_set_cipher_list(globals.ssl_ctx, "HIGH:!DSS:!aNULL@STRENGTH");
+
 	thread_setup();
 }