aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorGavin Andresen <gavinandresen@gmail.com>2013-10-20 19:50:11 -0700
committerGavin Andresen <gavinandresen@gmail.com>2013-10-20 19:50:11 -0700
commitcc7562b7d2dc4eae6e3ab930a2a37cd3c00aac5d (patch)
treee53f39f33bbc4d8e9bc2eb0b6882afcc8ddc24e5 /src
parent496c2a3542aa04419f8911774df3e8b00afb3de6 (diff)
parent1728bf0873590c6905e892044f9f87ee97ff3dbc (diff)
Merge pull request #3104 from Diapolo/rpcssl-defaultciphers
update default -rpcsslciphers to include TLSv1.2
Diffstat (limited to 'src')
-rw-r--r--src/bitcoinrpc.cpp2
-rw-r--r--src/init.cpp2
2 files changed, 2 insertions, 2 deletions
diff --git a/src/bitcoinrpc.cpp b/src/bitcoinrpc.cpp
index 29935d8f6c..f2a52e92ed 100644
--- a/src/bitcoinrpc.cpp
+++ b/src/bitcoinrpc.cpp
@@ -809,7 +809,7 @@ void StartRPCThreads()
if (filesystem::exists(pathPKFile)) rpc_ssl_context->use_private_key_file(pathPKFile.string(), ssl::context::pem);
else LogPrintf("ThreadRPCServer ERROR: missing server private key file %s\n", pathPKFile.string().c_str());
- string strCiphers = GetArg("-rpcsslciphers", "TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!AH:!3DES:@STRENGTH");
+ string strCiphers = GetArg("-rpcsslciphers", "TLSv1.2+HIGH:TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!3DES:@STRENGTH");
SSL_CTX_set_cipher_list(rpc_ssl_context->impl(), strCiphers.c_str());
}
diff --git a/src/init.cpp b/src/init.cpp
index 2ac610b333..daa12d8995 100644
--- a/src/init.cpp
+++ b/src/init.cpp
@@ -258,7 +258,7 @@ std::string HelpMessage()
strUsage += " -rpcssl " + _("Use OpenSSL (https) for JSON-RPC connections") + "\n";
strUsage += " -rpcsslcertificatechainfile=<file.cert> " + _("Server certificate file (default: server.cert)") + "\n";
strUsage += " -rpcsslprivatekeyfile=<file.pem> " + _("Server private key (default: server.pem)") + "\n";
- strUsage += " -rpcsslciphers=<ciphers> " + _("Acceptable ciphers (default: TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!AH:!3DES:@STRENGTH)") + "\n";
+ strUsage += " -rpcsslciphers=<ciphers> " + _("Acceptable ciphers (default: TLSv1.2+HIGH:TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!3DES:@STRENGTH)") + "\n";
return strUsage;
}