From 349ed35ce099d9003078e000acf5d95b5fd644e8 Mon Sep 17 00:00:00 2001 From: Haw Loeung Date: Wed, 15 Apr 2015 00:44:07 +1000 Subject: [PATCH] ssl: Fixed call to SSL_CTX_set_cipher_list() only when ssl_ciphers specified and warn when no cipher suite could be selected. --- src/core/network-openssl.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/core/network-openssl.c b/src/core/network-openssl.c index e55f2ace..465c4154 100644 --- a/src/core/network-openssl.c +++ b/src/core/network-openssl.c @@ -479,7 +479,10 @@ static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, int port, SERVER_ SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); SSL_CTX_set_default_passwd_cb(ctx, get_pem_password_callback); SSL_CTX_set_default_passwd_cb_userdata(ctx, (void *)mypass); - SSL_CTX_set_cipher_list(ctx, ciphers); + if (ciphers && *ciphers) { + if (SSL_CTX_set_cipher_list(ctx, ciphers) != 1) + g_warning("No valid SSL cipher suite could be selected"); + } if (mycert && *mycert) { char *scert = NULL, *spkey = NULL;