lighttpd
/
lighttpd1.4
2
0
Fork 0
Code Issues Releases Wiki Activity

[multiple] fix: honor CipherString for alt TLS lib 

fix typo: honor user-defined CipherString for alternative TLS libraries
(LibreSSL, BoringSSL, wolfSSL)
This commit is contained in:
Glenn Strauss 2021-01-11 14:25:38 -05:00
parent 3adbb3e3fa
commit cb24e1c70b
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/mod_openssl.c
View File

@ -3669,7 +3669,7 @@ mod_openssl_ssl_conf_cmd (server *srv, plugin_config_socket *s)
/* Disable support for low encryption ciphers */
buffer_append_string_len(cipherstring,
CONST_STR_LEN(":!aNULL:!eNULL:!EXP"));
if (SSL_CTX_set_cipher_list(s->ssl_ctx, s->ssl_cipher_list->ptr) != 1) {
if (SSL_CTX_set_cipher_list(s->ssl_ctx, cipherstring->ptr) != 1) {
log_error(srv->errh, __FILE__, __LINE__,
"SSL: %s", ERR_error_string(ERR_get_error(), NULL));
rc = -1;

2
src/mod_wolfssl.c
View File

@ -3482,7 +3482,7 @@ mod_openssl_ssl_conf_cmd (server *srv, plugin_config_socket *s)
/* Disable support for low encryption ciphers */
buffer_append_string_len(cipherstring,
CONST_STR_LEN(":!aNULL:!eNULL:!EXP"));
if (SSL_CTX_set_cipher_list(s->ssl_ctx, s->ssl_cipher_list->ptr) != 1) {
if (SSL_CTX_set_cipher_list(s->ssl_ctx, cipherstring->ptr) != 1) {
log_error(srv->errh, __FILE__, __LINE__,
"SSL: %s", ERR_error_string(ERR_get_error(), NULL));
rc = -1;