Browse Source

[multiple] fix: honor CipherString for alt TLS lib

fix typo: honor user-defined CipherString for alternative TLS libraries
(LibreSSL, BoringSSL, wolfSSL)
master
Glenn Strauss 4 months ago
parent
commit
cb24e1c70b
  1. 2
      src/mod_openssl.c
  2. 2
      src/mod_wolfssl.c

2
src/mod_openssl.c

@ -3669,7 +3669,7 @@ mod_openssl_ssl_conf_cmd (server *srv, plugin_config_socket *s)
/* Disable support for low encryption ciphers */
buffer_append_string_len(cipherstring,
CONST_STR_LEN(":!aNULL:!eNULL:!EXP"));
if (SSL_CTX_set_cipher_list(s->ssl_ctx, s->ssl_cipher_list->ptr) != 1) {
if (SSL_CTX_set_cipher_list(s->ssl_ctx, cipherstring->ptr) != 1) {
log_error(srv->errh, __FILE__, __LINE__,
"SSL: %s", ERR_error_string(ERR_get_error(), NULL));
rc = -1;

2
src/mod_wolfssl.c

@ -3482,7 +3482,7 @@ mod_openssl_ssl_conf_cmd (server *srv, plugin_config_socket *s)
/* Disable support for low encryption ciphers */
buffer_append_string_len(cipherstring,
CONST_STR_LEN(":!aNULL:!eNULL:!EXP"));
if (SSL_CTX_set_cipher_list(s->ssl_ctx, s->ssl_cipher_list->ptr) != 1) {
if (SSL_CTX_set_cipher_list(s->ssl_ctx, cipherstring->ptr) != 1) {
log_error(srv->errh, __FILE__, __LINE__,
"SSL: %s", ERR_error_string(ERR_get_error(), NULL));
rc = -1;

Loading…
Cancel
Save