tls: support specifying accepted TLS ciphers

[project/uhttpd.git] / tls.c

diff --git a/tls.c b/tls.c
index d969b8287064c608c0fd3acb8558010103f6702a..1da08812f12e37a9afda89963982f520cfe3be33 100644 (file)
--- a/tls.c
+++ b/tls.c
@@ -31,7 +31,7 @@ static struct ustream_ssl_ops *ops;
 static void *dlh;
 static void *ctx;
 
-int uh_tls_init(const char *key, const char *crt)
+int uh_tls_init(const char *key, const char *crt, const char *ciphers)
 {
        static bool _init = false;
 
@@ -63,6 +63,11 @@ int uh_tls_init(const char *key, const char *crt)
                return -EINVAL;
        }
 
+       if (ciphers && ops->context_set_ciphers(ctx, ciphers)) {
+               fprintf(stderr, "No recognized ciphers in cipher list\n");
+               return -EINVAL;
+       }
+
        return 0;
 }