ssl: Add option to specify SSL cipher suite preference.

author: Haw Loeung <h.loeung@unixque.com> 2015-04-14 18:07:35 +1000
committer: Haw Loeung <h.loeung@unixque.com> 2015-04-14 18:07:35 +1000
commit: 50e955e342c02ac55c48d5be71a940596ff72ac8 (patch)
tree: 8ebfff62c14067cea9c4e37fd39a046e2c82d736 /src/core/network-openssl.c
parent: 9ffe52ec5e3f0643e7ddd12f4d21c0788d2f8cea (diff)
download: irssi-50e955e342c02ac55c48d5be71a940596ff72ac8.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/src/core/network-openssl.c b/src/core/network-openssl.c
index dcd857d8..e55f2ace 100644
--- a/src/core/network-openssl.c
+++ b/src/core/network-openssl.c
@@ -460,6 +460,7 @@ static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, int port, SERVER_
 	const char *mypass = server->connrec->ssl_pass;
 	const char *cafile = server->connrec->ssl_cafile;
 	const char *capath = server->connrec->ssl_capath;
+	const char *ciphers = server->connrec->ssl_ciphers;
 	gboolean verify = server->connrec->ssl_verify;
 
 	g_return_val_if_fail(handle != NULL, NULL);
@@ -478,6 +479,7 @@ static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, int port, SERVER_
 	SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
 	SSL_CTX_set_default_passwd_cb(ctx, get_pem_password_callback);
 	SSL_CTX_set_default_passwd_cb_userdata(ctx, (void *)mypass);
+	SSL_CTX_set_cipher_list(ctx, ciphers);
 
 	if (mycert && *mycert) {
 		char *scert = NULL, *spkey = NULL;
author	Haw Loeung <h.loeung@unixque.com>	2015-04-14 18:07:35 +1000
committer	Haw Loeung <h.loeung@unixque.com>	2015-04-14 18:07:35 +1000
commit	50e955e342c02ac55c48d5be71a940596ff72ac8 (patch)
tree	8ebfff62c14067cea9c4e37fd39a046e2c82d736 /src/core/network-openssl.c
parent	9ffe52ec5e3f0643e7ddd12f4d21c0788d2f8cea (diff)
download	irssi-50e955e342c02ac55c48d5be71a940596ff72ac8.zip