Overview

File curl-HIGH-cipher-fallback.patch of Package curl.openSUSE_Leap_42.3_Update

Index: curl-7.37.0/lib/vtls/openssl.c
===================================================================
--- curl-7.37.0.orig/lib/vtls/openssl.c
+++ curl-7.37.0/lib/vtls/openssl.c
@@ -1739,9 +1739,21 @@ ossl_connect_step1(struct connectdata *c
   ciphers = data->set.str[STRING_SSL_CIPHER_LIST];
   if(!ciphers)
     ciphers = (char *)DEFAULT_CIPHER_SELECTION;
-  if(!SSL_CTX_set_cipher_list(connssl->ctx, ciphers)) {
-    failf(data, "failed setting cipher list: %s", ciphers);
-    return CURLE_SSL_CIPHER;
+  if(ciphers){
+    if(!SSL_CTX_set_cipher_list(connssl->ctx, ciphers)) {
+      if(!strcmp(ciphers, "DEFAULT_SUSE")) {
+        infof(data, "cipher list %s not available, using %s\n", "DEFAULT_SUSE", "HIGH");
+        if(!SSL_CTX_set_cipher_list(connssl->ctx, "HIGH")){
+          failf(data, "failed setting cipher list: %s, setting cipher list %s also failed",
+                      "DEFAULT_SUSE", "HIGH");
+          return CURLE_SSL_CIPHER;
+        }
+      }
+      else {
+        failf(data, "failed setting cipher list: %s", ciphers);
+        return CURLE_SSL_CIPHER;
+      }
+    }
   }
 
 #ifdef USE_TLS_SRP
openSUSE Build Service is sponsored by
Places