mirror of
https://github.com/matrix-construct/construct
synced 2024-09-28 19:58:53 +02:00
ircd::net::acceptor: Add conf::item to specify a default whitelist of ciphers in openssl format.
This commit is contained in:
parent
a81038acfa
commit
969a15c341
2 changed files with 14 additions and 0 deletions
|
@ -25,6 +25,7 @@ struct ircd::net::acceptor
|
|||
|
||||
static log::log log;
|
||||
static conf::item<milliseconds> timeout;
|
||||
static conf::item<std::string> ssl_cipher_list;
|
||||
|
||||
net::listener *listener_;
|
||||
std::string name;
|
||||
|
|
13
ircd/net.cc
13
ircd/net.cc
|
@ -1102,6 +1102,13 @@ ircd::net::acceptor::timeout
|
|||
{ "default", 12000L },
|
||||
};
|
||||
|
||||
decltype(ircd::net::acceptor::ssl_cipher_list)
|
||||
ircd::net::acceptor::ssl_cipher_list
|
||||
{
|
||||
{ "name", "ircd.net.acceptor.ssl.cipher.list" },
|
||||
{ "default", string_view{} },
|
||||
};
|
||||
|
||||
std::ostream &
|
||||
ircd::net::operator<<(std::ostream &s, const acceptor &a)
|
||||
{
|
||||
|
@ -1559,6 +1566,12 @@ ircd::net::acceptor::configure(const json::object &opts)
|
|||
assert(ssl.native_handle());
|
||||
openssl::set_cipher_list(*ssl.native_handle(), list);
|
||||
}
|
||||
else if(!empty(string_view(ssl_cipher_list)))
|
||||
{
|
||||
assert(ssl.native_handle());
|
||||
const string_view &list(ssl_cipher_list);
|
||||
openssl::set_cipher_list(*ssl.native_handle(), list);
|
||||
}
|
||||
|
||||
if(!empty(unquote(opts["ssl_curve_list"])))
|
||||
{
|
||||
|
|
Loading…
Reference in a new issue