diff options
| author | Yonit Halperin <yhalperi@redhat.com> | 2010-03-18 10:21:47 +0100 |
|---|---|---|
| committer | Alexander Larsson <alexl@redhat.com> | 2010-03-18 10:21:47 +0100 |
| commit | 457693fcfac7c178bdc9ca23295aa52d815ea0d6 (patch) | |
| tree | f3176bcb321373b2f8974f6dcdeceb4082dba0cf /client/red_peer.cpp | |
| parent | f16e16393e128a335b5e2d22c21315881409e99f (diff) | |
| download | spice-457693fcfac7c178bdc9ca23295aa52d815ea0d6.tar.gz spice-457693fcfac7c178bdc9ca23295aa52d815ea0d6.tar.xz spice-457693fcfac7c178bdc9ca23295aa52d815ea0d6.zip | |
client: add command line support for ciphers, ca file, and host certificate subject
Diffstat (limited to 'client/red_peer.cpp')
| -rw-r--r-- | client/red_peer.cpp | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/client/red_peer.cpp b/client/red_peer.cpp index 5d939a4d..2f1ac194 100644 --- a/client/red_peer.cpp +++ b/client/red_peer.cpp @@ -466,7 +466,6 @@ int RedPeer::ssl_verify_callback(int preverify_ok, X509_STORE_CTX *ctx) return 0; } -// todo: use SSL_CTX_set_cipher_list, etc. void RedPeer::connect_secure(const ConnectionOptions& options, const char* host) { int return_code; @@ -515,6 +514,12 @@ void RedPeer::connect_secure(const ConnectionOptions& options, const char* host) SSL_CTX_set_verify(_ctx, SSL_VERIFY_PEER, ssl_verify_callback); } + return_code = SSL_CTX_set_cipher_list(_ctx, options.ciphers.c_str()); + if (return_code != 1) { + LOG_WARN("SSL_CTX_set_cipher_list failed, ciphers=%s", options.ciphers.c_str()); + ssl_error(); + } + _ssl = SSL_new(_ctx); if (!_ssl) { THROW("create ssl failed"); |