Google Git
Sign in
fuchsia / third_party / openwsman / 13b9432758ac772c5aac60d19cd9c7021fa1ea4c^! / .
commit13b9432758ac772c5aac60d19cd9c7021fa1ea4c[log] [tgz]
authorKlaus Kämpf <kkaempf@suse.de>Wed Apr 19 12:07:26 2017 +0200
committerKlaus Kämpf <kkaempf@suse.de>Wed Apr 19 12:07:26 2017 +0200
treea8485b64f02241f51758a6634a8295944c44b500
parent12d6838f136fbf4302b5eaa5c60114f35a52c6fe [diff]
Add ssl_cipher_list to server options

diff --git a/etc/openwsman.conf b/etc/openwsman.conf
index b78c23d..84326f2 100644
--- a/etc/openwsman.conf
+++ b/etc/openwsman.conf

@@ -39,6 +39,10 @@
 # possible values: SSLv2 SSLv3 TLSv1 TLSv1_1 TLSv1_2
 ssl_disabled_protocols = SSLv2 SSLv3
 
+# SSL cipher list
+# see 'ciphers' in the OpenSSL documentation
+#ssl_cipher_list = 
+
 # set these to enable digest authentication against a local datbase
 #digest_password_file = /etc/openwsman/digest_auth.passwd
 

diff --git a/src/server/wsmand-daemon.c b/src/server/wsmand-daemon.c
index e48971e..b71a733 100644
--- a/src/server/wsmand-daemon.c
+++ b/src/server/wsmand-daemon.c

@@ -79,6 +79,7 @@
 static char *service_path = DEFAULT_SERVICE_PATH;
 static char *ssl_cert_file = NULL;
 static char *ssl_disabled_protocols = NULL;
+static char *ssl_cipher_list = NULL;
 static char *pid_file = DEFAULT_PID_PATH;
 static char *uri_subscription_repository = DEFAULT_SUBSCRIPTION_REPOSITORY;
 static int daemon_flag = 0;
@@ -178,6 +179,7 @@
 	ssl_key_file = iniparser_getstr(ini, "server:ssl_key_file");
 	ssl_cert_file = iniparser_getstr(ini, "server:ssl_cert_file");
         ssl_disabled_protocols = iniparser_getstr(ini, "server:ssl_disabled_protocols");
+        ssl_cipher_list = iniparser_getstr(ini, "server:ssl_cipher_list");
 	use_ipv4 = iniparser_getboolean(ini, "server:ipv4", 1);
 #ifdef ENABLE_IPV6
         use_ipv6 = iniparser_getboolean(ini, "server:ipv6", 1);
@@ -348,6 +350,11 @@
 	return ssl_disabled_protocols;
 }
 
+char *wsmand_options_get_ssl_cipher_list(void)
+{
+	return ssl_cipher_list;
+}
+
 int wsmand_options_get_digest(void)
 {
 	return use_digest;

diff --git a/src/server/wsmand-daemon.h b/src/server/wsmand-daemon.h
index a5bd4ee..2d7b34e 100644
--- a/src/server/wsmand-daemon.h
+++ b/src/server/wsmand-daemon.h

@@ -77,6 +77,7 @@
 char *wsmand_options_get_ssl_key_file(void);
 char *wsmand_options_get_ssl_cert_file(void);
 char *wsmand_options_get_ssl_disabled_protocols(void);
+char *wsmand_options_get_ssl_cipher_list(void);
 int wsmand_options_get_digest(void);
 char *wsmand_options_get_digest_password_file(void);
 char *wsmand_options_get_basic_password_file(void);