X-Git-Url: https://ruderich.org/simon/gitweb/?a=blobdiff_plain;f=src%2Ftlsproxy.h;h=af58ff24dfadc32ebc338fa9f1e6885b64317b70;hb=HEAD;hp=7bd573b5fb2dc0dfb2a603969f6ecd112f919d0e;hpb=7eba49d24d56288d83746f3f0ce383d7c0c36552;p=tlsproxy%2Ftlsproxy.git

diff --git a/src/tlsproxy.h b/src/tlsproxy.h
index 7bd573b..af58ff2 100644
--- a/src/tlsproxy.h
+++ b/src/tlsproxy.h
@@ -57,6 +57,8 @@
     "SECURE" \
     /* Lower priority of SHA-1, user better hashes if possible. */ \
     ":-SHA1:+SHA1" \
+    /* No RC4, it's broken. */ \
+    ":-ARCFOUR-40:-ARCFOUR-128" \
     /* Force safe renegotiations. Shouldn't cause any problems as this \
      * option only affects the server side (with GnuTLS defaults) and the \
      * local clients most-likely already support safe renegotiations (old \