From 0bfe6ff82617b4a0cfeee10b58c48108b938d64a Mon Sep 17 00:00:00 2001
From: Doug Coleman <doug.coleman@gmail.com>
Date: Fri, 4 Mar 2016 09:19:08 -0800
Subject: [PATCH] openssl: support more protocols for forward secrecy.

---
 basis/io/sockets/secure/openssl/openssl.factor | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/basis/io/sockets/secure/openssl/openssl.factor b/basis/io/sockets/secure/openssl/openssl.factor
index 711d4dc2c7..d9cf7d09a6 100644
--- a/basis/io/sockets/secure/openssl/openssl.factor
+++ b/basis/io/sockets/secure/openssl/openssl.factor
@@ -166,7 +166,7 @@ SYMBOL: default-secure-context
 
 : set-secure-cipher-list-only ( ssl -- ssl )
     dup handle>>
-    "DES-CBC3-SHA:IDEA-CBC-SHA:AES128-SHA:CAMELLIA128-SHA:AES256-SHA:CAMELLIA256-SHA"
+    "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA:DES-CBC3-SHA:IDEA-CBC-SHA:AES128-SHA:CAMELLIA128-SHA:AES256-SHA:CAMELLIA256-SHA"
     SSL_set_cipher_list ssl-error ;
 
 : <ssl-handle> ( fd -- ssl )