From 997e92e052301e633fd6560bc5a369fc0d965f8d Mon Sep 17 00:00:00 2001
From: Steven Fackler
Date: Sun, 30 Oct 2016 18:49:29 -0700
Subject: [PATCH] Merge ssl option setup

The client will ignore server-side options so we may as well stick them all in the same spot.
---
 openssl/src/ssl/connector.rs | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/openssl/src/ssl/connector.rs b/openssl/src/ssl/connector.rs
index bea54a4e..94784e81 100644
--- a/openssl/src/ssl/connector.rs
+++ b/openssl/src/ssl/connector.rs
@@ -34,6 +34,9 @@ fn ctx(method: SslMethod) -> Result {
 opts &= !ssl::SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
 opts |= ssl::SSL_OP_NO_SSLV2;
 opts |= ssl::SSL_OP_NO_SSLV3;
+ opts |= ssl::SSL_OP_SINGLE_DH_USE;
+ opts |= ssl::SSL_OP_SINGLE_ECDH_USE;
+ opts |= ssl::SSL_OP_CIPHER_SERVER_PREFERENCE;
 ctx.set_options(opts);

 Ok(ctx)
@@ -117,8 +120,6 @@ impl ServerConnectorBuilder {
 I::Item: AsRef
 {
 let mut ctx = try!(ctx(method));
- ctx.set_options(ssl::SSL_OP_SINGLE_DH_USE | ssl::SSL_OP_SINGLE_ECDH_USE |
- ssl::SSL_OP_CIPHER_SERVER_PREFERENCE);
 let dh = try!(Dh::from_pem(DHPARAM_PEM.as_bytes()));
 try!(ctx.set_tmp_dh(&dh));
 try!(setup_curves(&mut ctx));
@@ -151,7 +152,6 @@ impl ServerConnectorBuilder {
 I::Item: AsRef
 {
 let mut ctx = try!(ctx(method));
- ctx.set_options(ssl::SSL_OP_SINGLE_ECDH_USE | ssl::SSL_OP_CIPHER_SERVER_PREFERENCE);
 try!(setup_curves(&mut ctx));
 try!(ctx.set_cipher_list(
 "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:\
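Review bot: The three `opts |=` lines added after `SSL_OP_NO_SSLV3` in `ctx()` carry no comment saying they are server-side settings that a client context ignores, so a later cleanup of the shared helper could drop them and silently weaken every `ServerConnectorBuilder` context. I would add above them `// Server-side only (ignored by clients): fresh DH/ECDH key per handshake, server picks the cipher.` The hunks at -117 and -151 remove the only places where the server constructors named these flags, and the second of them did not set `SSL_OP_SINGLE_DH_USE` before, which looks harmless but is a small behaviour change the commit message does not mention. `ctx()` begins above this hunk, so the initial value of `opts` is not visible here.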