From: Doug MacEachern <dougm@apache.org>
Date: Wed, 27 Mar 2002 23:49:09 +0000 (+0000)
Subject: break out cipher suite initialization into ssl_init_cipher_suite function
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=80ee758206c62e32208fc0ec8fdcba7ffa92b1bb;p=thirdparty%2Fapache%2Fhttpd.git

break out cipher suite initialization into ssl_init_cipher_suite function


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94245 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/ssl_engine_init.c b/ssl_engine_init.c
index 8d8b8b352b7..622f73d06c6 100644
--- a/ssl_engine_init.c
+++ b/ssl_engine_init.c
@@ -529,6 +529,34 @@ static void ssl_init_verify(server_rec *s,
     }
 }
 
+static void ssl_init_cipher_suite(server_rec *s,
+                                  apr_pool_t *p,
+                                  apr_pool_t *ptemp,
+                                  SSLSrvConfigRec *sc)
+{
+    SSL_CTX *ctx = sc->pSSLCtx;
+    const char *vhost_id = sc->szVHostID;
+    const char *suite = sc->szCipherSuite;
+
+    /*
+     *  Configure SSL Cipher Suite
+     */
+    if (!suite) {
+        return;
+    }
+
+    ssl_log(s, SSL_LOG_TRACE,
+            "Init: (%s) Configuring permitted SSL ciphers [%s]", 
+            vhost_id, suite);
+
+    if (!SSL_CTX_set_cipher_list(ctx, suite)) {
+        ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR,
+                "Init: (%s) Unable to configure permitted SSL ciphers",
+                vhost_id);
+        ssl_die();
+    }
+}
+
 /*
  * Configure a particular server
  */
@@ -583,6 +611,8 @@ void ssl_init_ConfigureServer(server_rec *s,
 
     ssl_init_verify(s, p, ptemp, sc);
 
+    ssl_init_cipher_suite(s, p, ptemp, sc);
+
     SSL_CTX_set_tmp_rsa_callback(ctx, ssl_callback_TmpRSA);
     SSL_CTX_set_tmp_dh_callback(ctx,  ssl_callback_TmpDH);
 
@@ -591,23 +621,6 @@ void ssl_init_ConfigureServer(server_rec *s,
         SSL_CTX_set_info_callback(ctx, ssl_callback_LogTracingState);
     }
 
-    /*
-     *  Configure SSL Cipher Suite
-     */
-    if (sc->szCipherSuite) {
-        ssl_log(s, SSL_LOG_TRACE,
-                "Init: (%s) Configuring permitted SSL ciphers [%s]", 
-                vhost_id, sc->szCipherSuite);
-
-        if (!SSL_CTX_set_cipher_list(ctx, sc->szCipherSuite)) {
-            ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR,
-                    "Init: (%s) Unable to configure permitted SSL ciphers",
-                    vhost_id);
-            ssl_die();
-        }
-    }
-
-
     /*
      * Configure Certificate Revocation List (CRL) Details
      */