From a9a77147befa4766fd755496d7522f881bf45d9f Mon Sep 17 00:00:00 2001
From: bush <bush@6irc.us>
Date: Thu, 5 Mar 2015 04:31:45 +0000
Subject: [PATCH] Enabled disabling of openssl cipher suits. RC4 disabled by
 default.

---
 config.template.yaml | 1 +
 lib/config.js        | 3 ++-
 lib/server.js        | 3 ++-
 3 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/config.template.yaml b/config.template.yaml
index abbfedb3..66fad4d0 100644
--- a/config.template.yaml
+++ b/config.template.yaml
@@ -79,6 +79,7 @@ https:
   passphrase: ''
   certfile: 'localhost.cert'
   cafile: ''
+  ciphers: 'ALL:!RC4'
 
 # Page template values
 # title goes in the upper left corner, description goes in a <meta> tag
diff --git a/lib/config.js b/lib/config.js
index cdab3806..d0ed3c0b 100644
--- a/lib/config.js
+++ b/lib/config.js
@@ -43,7 +43,8 @@ var defaults = {
         keyfile: "localhost.key",
         passphrase: "",
         certfile: "localhost.cert",
-        cafile: ""
+        cafile: "",
+	ciphers: "ALL:!RC4"
     },
     io: {
         domain: "http://localhost",
diff --git a/lib/server.js b/lib/server.js
index 88032089..b83b91b9 100644
--- a/lib/server.js
+++ b/lib/server.js
@@ -72,7 +72,8 @@ var Server = function () {
         key: key,
         cert: cert,
         passphrase: Config.get("https.passphrase"),
-        ca: ca
+        ca: ca,
+	ciphers: Config.get("https.ciphers")
     };
 
     Config.get("listen").forEach(function (bind) {