From a97ccae7f0b9bd134cdeeabd999343f970cda8d1 Mon Sep 17 00:00:00 2001
From: Andy Brody <git@abrody.com>
Date: Sat, 18 Feb 2017 22:36:13 -0500
Subject: [PATCH] Assert that ciphers are not weak.

---
 spec/unit/request_spec.rb | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/spec/unit/request_spec.rb b/spec/unit/request_spec.rb
index fbce5ee..c249a67 100644
--- a/spec/unit/request_spec.rb
+++ b/spec/unit/request_spec.rb
@@ -1131,6 +1131,11 @@ describe RestClient::Request, :include_helpers do
       @request.send(:transmit, @uri, 'req', 'payload')
     end
 
+    it 'should not have weak default ciphers' do
+      expect(OpenSSL::SSL::SSLContext::DEFAULT_PARAMS.fetch(:ciphers)).not_to \
+        equal("ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW")
+    end
+
     # </ssl>
   end