Add SSL_CIPHER_SUITES env variable to quic-hq-interop

To run the chacha20 test in interop we need to:
1) negotiate an hq-interop alpn
2) only use chacha 20

Item 1 requires the use of quic-hq-interop, the latter requires this
change

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25528)

diff --git a/demos/guide/quic-hq-interop.c b/demos/guide/quic-hq-interop.c
index 92dff14f62fd9943ac87525ca3979eacf4671fd7..c4eb2f3d12587318eefe50936f4fb48c445c1fc6 100644 (file)
--- a/demos/guide/quic-hq-interop.c
+++ b/demos/guide/quic-hq-interop.c
@@ -38,6 +38,7 @@
  * SSL_SESSION_FILE - set to a file path to record ssl sessions and restore
  *                    said sessions on next invocation
  * SSL_CERT_FILE - The ca file to use when validating a server
+ * SSL_CIPHER_SUITES - The list of cipher suites to use (see openssl-ciphers)
  */
 #include <string.h>
 
@@ -814,6 +815,17 @@ static int setup_connection(char *hostname, char *port, int ipv6,
         if (set_keylog_file(*ctx, sslkeylogfile))
             goto end;
 
+    /*
+     * If the SSL_CIPHER_SUITES env variable is set, assign those
+     * ciphers to the context
+     */
+    if (getenv("SSL_CIPHER_SUITES") != NULL) {
+        if (!SSL_CTX_set_ciphersuites(*ctx, getenv("SSL_CIPHER_SUITES"))) {
+            fprintf(stderr, "Failed to set cipher suites for connection\n");
+            goto end;
+        }
+    }
+
     /* Create an SSL object to represent the TLS connection */
     *ssl = SSL_new(*ctx);
     if (*ssl == NULL) {