X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd-alex.git;a=blobdiff_plain;f=src%2Fngircd%2Fconf.c;h=9c2c912f1d126ee2282653c7ad85d9b2e9f1f91c;hp=9ab66e54cf194b3c7afe68c90104d62e309e8ae1;hb=0985d69cc6c1daa7cdc8f15f93772b12ab3e8271;hpb=d0977258ee14a5178e98c9a00c064d90f0eac9d6

diff --git a/src/ngircd/conf.c b/src/ngircd/conf.c
index 9ab66e54..9c2c912f 100644
--- a/src/ngircd/conf.c
+++ b/src/ngircd/conf.c
@@ -93,6 +93,12 @@ static void Init_Server_Struct PARAMS(( CONF_SERVER *Server ));
 #define DEFAULT_LISTEN_ADDRSTR "0.0.0.0"
 #endif
 
+#ifdef HAVE_LIBSSL
+#define DEFAULT_CIPHERS		"HIGH:!aNULL:@STRENGTH"
+#endif
+#ifdef HAVE_LIBGNUTLS
+#define DEFAULT_CIPHERS		"SECURE128"
+#endif
 
 #ifdef SSL_SUPPORT
 
@@ -435,8 +441,8 @@ Conf_Test( void )
 	puts("[SSL]");
 	printf("  CertFile = %s\n", Conf_SSLOptions.CertFile
 					? Conf_SSLOptions.CertFile : "");
-	printf("  CipherList = %s\n", Conf_SSLOptions.CipherList
-					? Conf_SSLOptions.CipherList : "");
+	printf("  CipherList = %s\n", Conf_SSLOptions.CipherList ?
+	       Conf_SSLOptions.CipherList : DEFAULT_CIPHERS);
 	printf("  DHFile = %s\n", Conf_SSLOptions.DHFile
 					? Conf_SSLOptions.DHFile : "");
 	printf("  KeyFile = %s\n", Conf_SSLOptions.KeyFile
@@ -1032,6 +1038,10 @@ Read_Config(bool TestOnly, bool IsStarting)
 	CheckFileReadable("CertFile", Conf_SSLOptions.CertFile);
 	CheckFileReadable("DHFile", Conf_SSLOptions.DHFile);
 	CheckFileReadable("KeyFile", Conf_SSLOptions.KeyFile);
+
+	/* Set the default ciphers if none were configured */
+	if (!Conf_SSLOptions.CipherList)
+		Conf_SSLOptions.CipherList = strdup_warn(DEFAULT_CIPHERS);
 #endif
 
 	return true;