From 50e955e342c02ac55c48d5be71a940596ff72ac8 Mon Sep 17 00:00:00 2001
From: Haw Loeung <h.loeung@unixque.com>
Date: Tue, 14 Apr 2015 18:07:35 +1000
Subject: ssl: Add option to specify SSL cipher suite preference.

---
 src/core/chat-commands.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'src/core/chat-commands.c')

diff --git a/src/core/chat-commands.c b/src/core/chat-commands.c
index 8d1ac3eb..3ee7beca 100644
--- a/src/core/chat-commands.c
+++ b/src/core/chat-commands.c
@@ -106,6 +106,8 @@ static SERVER_CONNECT_REC *get_server_connect(const char *data, int *plus_addr,
 		conn->ssl_cafile = g_strdup(tmp);
 	if ((tmp = g_hash_table_lookup(optlist, "ssl_capath")) != NULL)
 		conn->ssl_capath = g_strdup(tmp);
+	if ((tmp = g_hash_table_lookup(optlist, "ssl_ciphers")) != NULL)
+		conn->ssl_ciphers = g_strdup(tmp);
 	if ((conn->ssl_capath != NULL && conn->ssl_capath[0] != '\0')
 	||  (conn->ssl_cafile != NULL && conn->ssl_cafile[0] != '\0'))
 		conn->ssl_verify = TRUE;
@@ -138,6 +140,7 @@ static SERVER_CONNECT_REC *get_server_connect(const char *data, int *plus_addr,
 
 /* SYNTAX: CONNECT [-4 | -6] [-ssl] [-ssl_cert <cert>] [-ssl_pkey <pkey>] [-ssl_pass <password>]
                    [-ssl_verify] [-ssl_cafile <cafile>] [-ssl_capath <capath>]
+                   [-ssl_ciphers <list>]
                    [-!] [-noautosendcmd]
 		   [-noproxy] [-network <network>] [-host <hostname>]
 		   [-rawlog <file>]
@@ -244,6 +247,7 @@ static void sig_default_command_server(const char *data, SERVER_REC *server,
 
 /* SYNTAX: SERVER [-4 | -6] [-ssl] [-ssl_cert <cert>] [-ssl_pkey <pkey>] [-ssl_pass <password>]
                   [-ssl_verify] [-ssl_cafile <cafile>] [-ssl_capath <capath>]
+                  [-ssl_ciphers <list>]
                   [-!] [-noautosendcmd]
 		  [-noproxy] [-network <network>] [-host <hostname>]
 		  [-rawlog <file>]
@@ -483,7 +487,7 @@ void chat_commands_init(void)
 	signal_add("default command server", (SIGNAL_FUNC) sig_default_command_server);
 	signal_add("server sendmsg", (SIGNAL_FUNC) sig_server_sendmsg);
 
-	command_set_options("connect", "4 6 !! -network ssl +ssl_cert +ssl_pkey +ssl_pass ssl_verify +ssl_cafile +ssl_capath +host noproxy -rawlog noautosendcmd");
+	command_set_options("connect", "4 6 !! -network ssl +ssl_cert +ssl_pkey +ssl_pass ssl_verify +ssl_cafile +ssl_capath +ssl_ciphers +host noproxy -rawlog noautosendcmd");
 	command_set_options("msg", "channel nick");
 }
 
-- 
cgit v1.2.3