wolfssl: support setting cipher list

author: Dan Fandrich <dan@coneharvesters.com> 2017-01-06 23:00:45 +0100
committer: Dan Fandrich <dan@coneharvesters.com> 2017-01-06 23:02:09 +0100
commit: bbee0d4eee0335ed129c37063ea47e14be076e57 (patch)
tree: 78365a3040c4b410175551dc109a33f220259583 /lib/vtls/cyassl.c
parent: 5d7a7fcdcbe2850abe8a3d1403a989a355ed4827 (diff)
download: curl-bbee0d4eee0335ed129c37063ea47e14be076e57.tar.gz
1 files changed, 10 insertions, 0 deletions
diff --git a/lib/vtls/cyassl.c b/lib/vtls/cyassl.c
index 3346daa05..f494a011d 100644
--- a/lib/vtls/cyassl.c
+++ b/lib/vtls/cyassl.c
@@ -134,6 +134,7 @@ cyassl_connect_step1(struct connectdata *conn,
                      int sockindex)
 {
   char error_buffer[CYASSL_MAX_ERROR_SZ];
+  char *ciphers;
   struct Curl_easy *data = conn->data;
   struct ssl_connect_data* conssl = &conn->ssl[sockindex];
   SSL_METHOD* req_method = NULL;
@@ -229,6 +230,15 @@ cyassl_connect_step1(struct connectdata *conn,
     break;
   }
 
+  ciphers = SSL_CONN_CONFIG(cipher_list);
+  if(ciphers) {
+    if(!SSL_CTX_set_cipher_list(conssl->ctx, ciphers)) {
+      failf(data, "failed setting cipher list: %s", ciphers);
+      return CURLE_SSL_CIPHER;
+    }
+    infof(data, "Cipher selection: %s\n", ciphers);
+  }
+
 #ifndef NO_FILESYSTEM
   /* load trusted cacert */
   if(SSL_CONN_CONFIG(CAfile)) {
author	Dan Fandrich <dan@coneharvesters.com>	2017-01-06 23:00:45 +0100
committer	Dan Fandrich <dan@coneharvesters.com>	2017-01-06 23:02:09 +0100
commit	bbee0d4eee0335ed129c37063ea47e14be076e57 (patch)
tree	78365a3040c4b410175551dc109a33f220259583 /lib/vtls/cyassl.c
parent	5d7a7fcdcbe2850abe8a3d1403a989a355ed4827 (diff)
download	curl-bbee0d4eee0335ed129c37063ea47e14be076e57.tar.gz