From 5413980ba0a4d98fd949d5d068096a3d1e30d92a Mon Sep 17 00:00:00 2001
From: Jarrod Johnson <jjohnson2@lenovo.com>
Date: Fri, 8 Jun 2018 10:16:53 -0400
Subject: [PATCH] Explicitly undef the cipher list

SuSE mandates a list.  That list does *not* allow
TLSv1.2 ciphers, so explicitly put the fate of
the connection in the server's hands.
---
 perl-xCAT/xCAT/Client.pm | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/perl-xCAT/xCAT/Client.pm b/perl-xCAT/xCAT/Client.pm
index 455c3524e..6a55227e7 100644
--- a/perl-xCAT/xCAT/Client.pm
+++ b/perl-xCAT/xCAT/Client.pm
@@ -260,6 +260,7 @@ sub submit_request {
             SSL_ca_file         => $cafile,
             SSL_verify_mode     => SSL_VERIFY_PEER,
             SSL_verifycn_scheme => "none",
+	    SSL_cipher_list => undef,
             SSL_use_cert        => 1,
             Timeout             => 0,
             %sslargs,
@@ -270,6 +271,7 @@ sub submit_request {
         #need to specify SSL_verify_mode => SSL_VERIFY_NONE explicitly 
         $client = IO::Socket::SSL->start_SSL($pclient,
             SSL_verify_mode => SSL_VERIFY_NONE,
+	    SSL_cipher_list => undef,
             Timeout => 0,
         );
     }