Permalink
Browse files

Cipher list parameter

  • Loading branch information...
szilu authored and Szilard Hajba committed Oct 14, 2009
1 parent 7cb550d commit 4138bbb22a035f0e57b5871592750b0d91b62d73
Showing with 8 additions and 3 deletions.
  1. +1 −0 README
  2. +7 −3 ssl_proxy.c
View
1 README
@@ -56,6 +56,7 @@ options.
SSL options:
-C <certificate file> SSL Public Certificate file (see Key generation).
-K <key file> SSL Private Key File (see Key generation).
-p <cipher list> SSL cipher list
Security options:
-u <user/uid> Change real and effective UID to this after
initialization.
View
@@ -60,6 +60,7 @@ int server_port=443;
char *client_addr="localhost";
int client_port=80;
char *cert_file=PEM_DIR"/"CERT_FILE, *key_file=PEM_DIR"/"KEY_FILE;
char *cipher_list="HIGH";
char *chroot_dir=NULL, *set_uid=NULL;
char *verify_ca_file=NULL, *verify_ca_dir=NULL;
struct passwd *pass;
@@ -218,7 +219,7 @@ void server_ssl_init(void)
SSLeay_add_ssl_algorithms();
SSL_load_error_strings();
server_ssl_ctx=SSL_CTX_new(SSLv23_server_method());
SSL_CTX_set_cipher_list(server_ssl_ctx, "HIGH");
SSL_CTX_set_cipher_list(server_ssl_ctx, cipher_list);
if (!SSL_CTX_set_default_verify_paths(server_ssl_ctx)) {
fprintf(stderr, "cannot set default path\n");
exit(1);
@@ -393,13 +394,13 @@ int main(int argc, char **argv)
int c, pid, i;
char *p1, *p2;
while ((c=getopt(argc, argv, "hdfilm:s:c:C:K:u:r:v:V:U:D:")) != EOF)
while ((c=getopt(argc, argv, "hdfilm:s:c:C:K:p:u:r:v:V:U:D:")) != EOF)
switch (c) {
case 'h':
fprintf(stderr, "Symbion SSL proxy " VERSION "\n"
"usage: %.256s [-d] [-f] [-l] [-i] [-s <listen address>] [-c <client address>]\n"
" [-m <max connection>] [-C <certificate file>] [-K <key file>]\n"
" [-u <user/uid>] [-r <chroot dir>]\n"
" [-p <cipher list>] [-u <user/uid>] [-r <chroot dir>]\n"
" [-v <trusted CA file>] [-V <trusted CA dir>]\n"
" [-U <upward buffer (default 2048)>] [-D <downward buffer (default 8192)>]\n"
" <lister address> = [<host>:]<port>\n"
@@ -454,6 +455,9 @@ int main(int argc, char **argv)
case 'K':
key_file=optarg;
break;
case 'p':
cipher_list=optarg;
break;
case 'u':
set_uid=optarg;
break;

0 comments on commit 4138bbb

Please sign in to comment.