tls: support specifying accepted TLS ciphers

Introduce a new `-P` option which allows specifying a colon separated list of accepted TLS ciphers. Depending on the underlying ustream-ssl provider, the list either follows OpenSSL's cipher string format or, in case of mbedTLS, is a simple colon separated cipher whitelist. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
author: Jo-Philipp Wich <jo@mein.io> 2020-02-15 21:35:40 +0100
committer: Jo-Philipp Wich <jo@mein.io> 2020-02-15 23:47:00 +0100
commit: 5fc551d620bb353dbac68fe4d23da12784575118 (patch)
tree: 3809453943aa538ed987faebc4f728ab201b6c62 /tls.h
parent: 2ee323c01079248baa9465969df9e25b5fb68cdf (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/tls.h b/tls.h
index 9be74ba..f457cb7 100644
--- a/tls.h
+++ b/tls.h
@@ -22,13 +22,13 @@
 
 #ifdef HAVE_TLS
 
-int uh_tls_init(const char *key, const char *crt);
+int uh_tls_init(const char *key, const char *crt, const char *ciphers);
 void uh_tls_client_attach(struct client *cl);
 void uh_tls_client_detach(struct client *cl);
 
 #else
 
-static inline int uh_tls_init(const char *key, const char *crt)
+static inline int uh_tls_init(const char *key, const char *crt, const char *ciphers)
 {
 	return -1;
 }
author	Jo-Philipp Wich <jo@mein.io>	2020-02-15 21:35:40 +0100
committer	Jo-Philipp Wich <jo@mein.io>	2020-02-15 23:47:00 +0100
commit	5fc551d620bb353dbac68fe4d23da12784575118 (patch)
tree	3809453943aa538ed987faebc4f728ab201b6c62 /tls.h
parent	2ee323c01079248baa9465969df9e25b5fb68cdf (diff)