patch: add tls_set_ciphers()
This commit is contained in:
parent
c936a774dc
commit
09d40ac36c
2 changed files with 48 additions and 0 deletions
|
@ -43,6 +43,7 @@ int tls_srtp_keyinfo(const struct tls_conn *tc, enum srtp_suite *suite,
|
|||
uint8_t *cli_key, size_t cli_key_size,
|
||||
uint8_t *srv_key, size_t srv_key_size);
|
||||
const char *tls_cipher_name(const struct tls_conn *tc);
|
||||
int tls_set_ciphers(struct tls *tls, const char *cipherv[], size_t count);
|
||||
|
||||
|
||||
/* TCP */
|
||||
|
|
|
@ -660,3 +660,50 @@ const char *tls_cipher_name(const struct tls_conn *tc)
|
|||
|
||||
return SSL_get_cipher_name(tc->ssl);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Set the ciphers to use for this TLS context
|
||||
*
|
||||
* @param tls TLS Context
|
||||
* @param cipherv Vector of cipher names, in order of priority
|
||||
* @param count Number of cipher names in the vector
|
||||
*
|
||||
* @return 0 if success, otherwise errorcode
|
||||
*/
|
||||
int tls_set_ciphers(struct tls *tls, const char *cipherv[], size_t count)
|
||||
{
|
||||
struct mbuf *mb;
|
||||
int r, err;
|
||||
size_t i;
|
||||
|
||||
if (!tls || !cipherv || !count)
|
||||
return EINVAL;
|
||||
|
||||
mb = mbuf_alloc(32 * count);
|
||||
if (!mb)
|
||||
return ENOMEM;
|
||||
|
||||
for (i=0; i<count; i++) {
|
||||
|
||||
err = mbuf_printf(mb, "%s%s", i>0 ? ":" : "", cipherv[i]);
|
||||
if (err)
|
||||
goto out;
|
||||
}
|
||||
|
||||
err = mbuf_write_u8(mb, '\0');
|
||||
if (err)
|
||||
goto out;
|
||||
|
||||
r = SSL_CTX_set_cipher_list(tls->ctx, (char *)mb->buf);
|
||||
if (r <= 0) {
|
||||
ERR_clear_error();
|
||||
err = EPROTO;
|
||||
goto out;
|
||||
}
|
||||
|
||||
out:
|
||||
mem_deref(mb);
|
||||
|
||||
return err;
|
||||
}
|
||||
|
|
Loading…
Add table
Reference in a new issue