Update build script to include revision, update openvpn code, remove openssl compat (disables export ciphers)

author: Arne Schwabe <arne@rfc2549.org> 2014-01-03 16:02:48 +0100
committer: Arne Schwabe <arne@rfc2549.org> 2014-01-03 16:02:48 +0100
commit: 4f244609f3cf32ae2ab17069f0e267eb59f05f04 (patch)
tree: a0aefd5342678cbb7d7e6a0a77c8ea5acc194596 /openvpn/src/openvpn/ssl_polarssl.c
parent: 9e0e3572c2133f2396d27ced5ddb265b6e604b58 (diff)
1 files changed, 13 insertions, 2 deletions
diff --git a/openvpn/src/openvpn/ssl_polarssl.c b/openvpn/src/openvpn/ssl_polarssl.c
index cdd91890..d964b918 100644
--- a/openvpn/src/openvpn/ssl_polarssl.c
+++ b/openvpn/src/openvpn/ssl_polarssl.c
@@ -173,7 +173,12 @@ tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers)
 {
   char *tmp_ciphers, *tmp_ciphers_orig, *token;
   int i, cipher_count;
-  int ciphers_len = strlen (ciphers);
+  int ciphers_len;
+
+  if (NULL == ciphers)
+    return; // Nothing to do
+
+  ciphers_len = strlen (ciphers);
 
   ASSERT (NULL != ctx);
   ASSERT (0 != ciphers_len);
@@ -1033,10 +1038,16 @@ print_details (struct key_state_ssl * ks_ssl, const char *prefix)
 }
 
 void
-show_available_tls_ciphers ()
+show_available_tls_ciphers (const char *cipher_list)
 {
+  struct tls_root_ctx tls_ctx;
   const int *ciphers = ssl_list_ciphersuites();
 
+  if (cipher_list) {
+    tls_ctx_restrict_ciphers(&tls_ctx, cipher_list);
+    ciphers = tls_ctx.allowed_ciphers;
+  }
+
 #ifndef ENABLE_SMALL
   printf ("Available TLS Ciphers,\n");
   printf ("listed in order of preference:\n\n");
author	Arne Schwabe <arne@rfc2549.org>	2014-01-03 16:02:48 +0100
committer	Arne Schwabe <arne@rfc2549.org>	2014-01-03 16:02:48 +0100
commit	4f244609f3cf32ae2ab17069f0e267eb59f05f04 (patch)
tree	a0aefd5342678cbb7d7e6a0a77c8ea5acc194596 /openvpn/src/openvpn/ssl_polarssl.c
parent	9e0e3572c2133f2396d27ced5ddb265b6e604b58 (diff)