};
static void send_new_ssl_certs_one(ssl_ctl_t * ctl, const char *ssl_cert,
- const char *ssl_private_key, const char *ssl_dh_params);
+ const char *ssl_private_key, const char *ssl_dh_params,
+ const char *ssl_cipher_list);
static void send_init_prng(ssl_ctl_t * ctl, prng_seed_t seedtype, const char *path);
static void send_certfp_method(ssl_ctl_t *ctl, int method);
rb_kill(ctl->pid, SIGKILL); /* make sure the process is really gone */
ilog(L_MAIN, "ssld helper died - attempting to restart");
sendto_realops_snomask(SNO_GENERAL, L_ALL, "ssld helper died - attempting to restart");
- start_ssldaemon(1, ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params);
+ start_ssldaemon(1, ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params, ServerInfo.ssl_cipher_list);
}
static void
int start = ServerInfo.ssld_count - get_ssld_count();
ilog(L_MAIN, "Attempting to restart ssld processes");
sendto_realops_snomask(SNO_GENERAL, L_ALL, "Attempt to restart ssld processes");
- start_ssldaemon(start, ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params);
+ start_ssldaemon(start, ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params, ServerInfo.ssl_cipher_list);
}
}
int
-start_ssldaemon(int count, const char *ssl_cert, const char *ssl_private_key, const char *ssl_dh_params)
+start_ssldaemon(int count, const char *ssl_cert, const char *ssl_private_key, const char *ssl_dh_params, const char *ssl_cipher_list)
{
rb_fde_t *F1, *F2;
rb_fde_t *P1, *P2;
if(ssl_cert != NULL && ssl_private_key != NULL)
send_new_ssl_certs_one(ctl, ssl_cert, ssl_private_key,
- ssl_dh_params != NULL ? ssl_dh_params : "");
+ ssl_dh_params != NULL ? ssl_dh_params : "",
+ ssl_cipher_list != NULL ? ssl_cipher_list : "");
}
ssl_read_ctl(ctl->F, ctl);
ssl_do_pipe(P2, ctl);
static void
-send_new_ssl_certs_one(ssl_ctl_t * ctl, const char *ssl_cert, const char *ssl_private_key, const char *ssl_dh_params)
+send_new_ssl_certs_one(ssl_ctl_t * ctl, const char *ssl_cert, const char *ssl_private_key, const char *ssl_dh_params, const char *ssl_cipher_list)
{
size_t len;
len, sizeof(tmpbuf));
return;
}
- len = rb_snprintf(tmpbuf, sizeof(tmpbuf), "K%c%s%c%s%c%s%c", nul, ssl_cert, nul,
- ssl_private_key, nul, ssl_dh_params, nul);
+ len = rb_snprintf(tmpbuf, sizeof(tmpbuf), "K%c%s%c%s%c%s%c%s%c", nul, ssl_cert, nul,
+ ssl_private_key, nul, ssl_dh_params, nul, ssl_cipher_list, nul);
ssl_cmd_write_queue(ctl, NULL, 0, tmpbuf, len);
}
}
void
-send_new_ssl_certs(const char *ssl_cert, const char *ssl_private_key, const char *ssl_dh_params)
+send_new_ssl_certs(const char *ssl_cert, const char *ssl_private_key, const char *ssl_dh_params, const char *ssl_cipher_list)
{
rb_dlink_node *ptr;
if(ssl_cert == NULL || ssl_private_key == NULL || ssl_dh_params == NULL)
RB_DLINK_FOREACH(ptr, ssl_daemons.head)
{
ssl_ctl_t *ctl = ptr->data;
- send_new_ssl_certs_one(ctl, ssl_cert, ssl_private_key, ssl_dh_params);
+ send_new_ssl_certs_one(ctl, ssl_cert, ssl_private_key, ssl_dh_params, ssl_cipher_list);
}
}