From e4fd5111faf10995eb3161ae2d945565f7509f85 Mon Sep 17 00:00:00 2001 From: Jason Volk Date: Tue, 12 Mar 2019 17:47:27 -0700 Subject: [PATCH] ircd::openssl: Add overload to get cipher list from SSL_CTX. --- include/ircd/openssl.h | 3 ++- ircd/openssl.cc | 22 ++++++++++++++++++++++ 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/include/ircd/openssl.h b/include/ircd/openssl.h index 0ac30e245..5b6088c37 100644 --- a/include/ircd/openssl.h +++ b/include/ircd/openssl.h @@ -127,7 +127,8 @@ namespace ircd::openssl string_view name(const SSL_CIPHER &); const SSL_CIPHER *current_cipher(const SSL &); string_view shared_ciphers(const mutable_buffer &buf, const SSL &); - string_view cipher_list(const SSL &, const int &priority = -1); + string_view cipher_list(const SSL &, const int &priority); + std::string cipher_list(const SSL_CTX &, const int &priority = 0); void set_cipher_list(SSL &, const std::string &list); void set_cipher_list(SSL_CTX &, const std::string &list); void set_ecdh_auto(SSL_CTX &, const bool & = true); diff --git a/ircd/openssl.cc b/ircd/openssl.cc index 36b90d99d..da848e5ea 100644 --- a/ircd/openssl.cc +++ b/ircd/openssl.cc @@ -105,6 +105,28 @@ ircd::openssl::set_cipher_list(SSL &ssl, call(::SSL_set_cipher_list, &ssl, list.c_str()); } +std::string +ircd::openssl::cipher_list(const SSL_CTX &ctx, + const int &priority) +{ + const custom_ptr ssl + { + SSL_new(const_cast(&ctx)), SSL_free + }; + + std::stringstream ret; + for(int i(priority); priority? i <= priority : true; ++i) + { + const auto cipher(cipher_list(*ssl, i)); + if(!empty(cipher)) + ret << cipher << ':'; + else + break; + } + + return ret.str(); +} + ircd::string_view ircd::openssl::cipher_list(const SSL &ssl, const int &priority)