ssl: Fixed call to SSL_CTX_set_cipher_list() only when ssl_ciphers specified and warn when no cipher suite could be selected.

author: Haw Loeung <h.loeung@unixque.com> 2015-04-15 00:44:07 +1000
committer: Haw Loeung <h.loeung@unixque.com> 2015-04-15 00:44:07 +1000
commit: 349ed35ce099d9003078e000acf5d95b5fd644e8 (patch)
tree: e029e945b61272fbe48b628de1678edfb9938735 /src/core/network-openssl.c
parent: 50e955e342c02ac55c48d5be71a940596ff72ac8 (diff)
download: irssi-349ed35ce099d9003078e000acf5d95b5fd644e8.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/src/core/network-openssl.c b/src/core/network-openssl.c
index e55f2ace..465c4154 100644
--- a/src/core/network-openssl.c
+++ b/src/core/network-openssl.c
@@ -479,7 +479,10 @@ static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, int port, SERVER_
 	SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
 	SSL_CTX_set_default_passwd_cb(ctx, get_pem_password_callback);
 	SSL_CTX_set_default_passwd_cb_userdata(ctx, (void *)mypass);
-	SSL_CTX_set_cipher_list(ctx, ciphers);
+	if (ciphers && *ciphers) {
+		if (SSL_CTX_set_cipher_list(ctx, ciphers) != 1)
+			g_warning("No valid SSL cipher suite could be selected");
+	}
 
 	if (mycert && *mycert) {
 		char *scert = NULL, *spkey = NULL;
author	Haw Loeung <h.loeung@unixque.com>	2015-04-15 00:44:07 +1000
committer	Haw Loeung <h.loeung@unixque.com>	2015-04-15 00:44:07 +1000
commit	349ed35ce099d9003078e000acf5d95b5fd644e8 (patch)
tree	e029e945b61272fbe48b628de1678edfb9938735 /src/core/network-openssl.c
parent	50e955e342c02ac55c48d5be71a940596ff72ac8 (diff)
download	irssi-349ed35ce099d9003078e000acf5d95b5fd644e8.zip