From db1b2e6e734f14546637fd83c3b4b1d67fd7c9bf Mon Sep 17 00:00:00 2001
From: eyesudian <127712691+eyesudian@users.noreply.github.com>
Date: Mon, 13 Mar 2023 09:47:22 +0530
Subject: [PATCH] Update ssl.c

---
 ssl.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ssl.c b/ssl.c
index 816a179a1..e1e2f263b 100644
--- a/ssl.c
+++ b/ssl.c
@@ -254,6 +254,9 @@ redisSSLContext *redisCreateSSLContextWithOptions(redisSSLOptions *options, redi
         goto error;
     }
 
+    SSL_CTX_set_cipher_list( ctx->ssl_ctx, "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384");
+    SSL_CTX_set1_curves_list( ctx->ssl_ctx, "P-521:P-384");
+    SSL_CTX_set1_sigalgs_list( ctx->ssl_ctx, "ECDSA+SHA256:RSA+SHA256:ECDSA+SHA512:RSA+SHA512:ECDSA+SHA384");
     SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
     SSL_CTX_set_verify(ctx->ssl_ctx, options->verify_mode, NULL);