use default tls 1.3 cipher suite

2018-03-17 17:54:02 +01:00 · 2018-03-17 17:54:02 +01:00 · c5202c1bd7
parent d00af5ae0e
commit c5202c1bd7
1 changed files with 2 additions and 1 deletions
--- a/src/LibsslTLSContext.cc
+++ b/src/LibsslTLSContext.cc
@ -142,12 +142,13 @@ OpenSSLTLSContext::OpenSSLTLSContext(TLSSessionSide side, TLSVersion minVer)
  /* keep memory usage low */
  SSL_CTX_set_mode(sslCtx_, SSL_MODE_RELEASE_BUFFERS);
 #endif
+#ifndef TLS1_3_VERSION
  if (SSL_CTX_set_cipher_list(sslCtx_, "HIGH:!aNULL:!eNULL") == 0) {
    good_ = false;
    A2_LOG_ERROR(fmt("SSL_CTX_set_cipher_list() failed. Cause: %s",
                     ERR_error_string(ERR_get_error(), nullptr)));
  }
-
+#endif //TLS1_3_VERSION
 #if OPENSSL_VERSION_NUMBER >= 0x0090800fL
 #ifndef OPENSSL_NO_ECDH
  auto ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);