diff options
| author | Yonit Halperin <yhalperi@redhat.com> | 2010-03-10 10:12:15 +0200 |
|---|---|---|
| committer | Uri Lublin <uril@redhat.com> | 2010-03-14 15:35:02 +0200 |
| commit | eea29361db0fcf399b9843c789a7eefae758159e (patch) | |
| tree | ca3c97f7e2c244b2fb546f915237ea40e74074a0 /client/red_peer.cpp | |
| parent | ffdf050cce98b3be61ccc44373441eff5915ad7f (diff) | |
| download | spice-eea29361db0fcf399b9843c789a7eefae758159e.tar.gz spice-eea29361db0fcf399b9843c789a7eefae758159e.tar.xz spice-eea29361db0fcf399b9843c789a7eefae758159e.zip | |
client: add command line support for ciphers, ca file, and host certificate subject #573371spice-client-0.4.2-2.el6
Diffstat (limited to 'client/red_peer.cpp')
| -rw-r--r-- | client/red_peer.cpp | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/client/red_peer.cpp b/client/red_peer.cpp index a1dca53c..069fdae5 100644 --- a/client/red_peer.cpp +++ b/client/red_peer.cpp @@ -509,7 +509,6 @@ int RedPeer::ssl_verify_callback(int preverify_ok, X509_STORE_CTX *ctx) return 0; } -// todo: use SSL_CTX_set_cipher_list, etc. void RedPeer::connect_secure(const ConnectionOptions& options, const char* host) { int return_code; @@ -558,6 +557,12 @@ void RedPeer::connect_secure(const ConnectionOptions& options, const char* host) SSL_CTX_set_verify(_ctx, SSL_VERIFY_PEER, ssl_verify_callback); } + return_code = SSL_CTX_set_cipher_list(_ctx, options.ciphers.c_str()); + if (return_code != 1) { + LOG_WARN("SSL_CTX_set_cipher_list failed, ciphers=%s", options.ciphers.c_str()); + ssl_error(); + } + _ssl = SSL_new(_ctx); if (!_ssl) { THROW("create ssl failed"); |