From 07c4e3ea832cedee734f3f972c5020240fe2acf4 Mon Sep 17 00:00:00 2001
From: Marhoosh <54924700+Marhoosh@users.noreply.github.com>
Date: Fri, 7 Jun 2024 09:14:05 +0800
Subject: [PATCH] =?UTF-8?q?=E7=A6=81=E7=94=A8RC4=E5=AF=86=E7=A0=81?=
 =?UTF-8?q?=E5=A5=97=E4=BB=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

由于sslport端口扫出了使用RC4不安全密码套件漏洞，故此禁用
---
 src/Util/SSLBox.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Util/SSLBox.cpp b/src/Util/SSLBox.cpp
index 4739e081..a8234820 100644
--- a/src/Util/SSLBox.cpp
+++ b/src/Util/SSLBox.cpp
@@ -184,7 +184,7 @@ void SSL_Initor::setupCtx(SSL_CTX *ctx) {
 #if defined(ENABLE_OPENSSL)
     //加载默认信任证书
     SSLUtil::loadDefaultCAs(ctx);
-    SSL_CTX_set_cipher_list(ctx, "ALL:!ADH:!LOW:!EXP:!MD5:!3DES:!DES:!IDEA:@STRENGTH");
+    SSL_CTX_set_cipher_list(ctx, "ALL:!ADH:!LOW:!EXP:!MD5:!3DES:!DES:!IDEA:!RC4:@STRENGTH");
     SSL_CTX_set_verify_depth(ctx, 9);
     SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
     SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);