From b64ffdcf09edd7110c1f851942d0e8d4e05d883c Mon Sep 17 00:00:00 2001
From: Adriaan de Jong <dejong@fox-it.com>
Date: Mon, 27 Jun 2011 09:52:59 +0200
Subject: Refactored get_highest_preference_tls_cipher

Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Signed-off-by: David Sommerseth <davids@redhat.com>
---
 ssl_openssl.c | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

(limited to 'ssl_openssl.c')

diff --git a/ssl_openssl.c b/ssl_openssl.c
index 6f6f1b3..c80dfb1 100644
--- a/ssl_openssl.c
+++ b/ssl_openssl.c
@@ -100,3 +100,24 @@ show_available_tls_ciphers ()
   SSL_free (ssl);
   SSL_CTX_free (ctx);
 }
+
+void
+get_highest_preference_tls_cipher (char *buf, int size)
+{
+  SSL_CTX *ctx;
+  SSL *ssl;
+  const char *cipher_name;
+
+  ctx = SSL_CTX_new (TLSv1_method ());
+  if (!ctx)
+    msg (M_SSLERR, "Cannot create SSL_CTX object");
+  ssl = SSL_new (ctx);
+  if (!ssl)
+    msg (M_SSLERR, "Cannot create SSL object");
+
+  cipher_name = SSL_get_cipher_list (ssl, 0);
+  strncpynt (buf, cipher_name, size);
+
+  SSL_free (ssl);
+  SSL_CTX_free (ctx);
+}
-- 
cgit