Commit 2e5c9c92 authored by Ezequiel Gomez's avatar Ezequiel Gomez Committed by Facebook Github Bot

New helper method to set the ciphersuites list of an SSLContext

Summary: Add new helper method setCiphersuites to folly SSLOptions. Same behavior as the templated setCipherSuites that takes in a TSLOptions. Instead of getting the ciphersuites from the static TSLOptions::ciphers(), this method allows use caller to pass in the ciphersuite list.

Reviewed By: mingtaoy

Differential Revision: D17432484

fbshipit-source-id: 8a08b3651e209b5a4dfe4eca2352a9042206a48a
parent 8462db08
...@@ -108,6 +108,21 @@ void setCipherSuites(SSLContext& ctx) { ...@@ -108,6 +108,21 @@ void setCipherSuites(SSLContext& ctx) {
} }
} }
/**
* Set the cipher suite of ctx to the passed in cipherList,
* and print any runtime error it catches.
* @param ctx The SSLContext to apply the desired SSL options to.
* @param cipherList the list of ciphersuites to set
*/
template <typename Container>
void setCipherSuites(SSLContext& ctx, const Container& cipherList) {
try {
ctx.setCipherList(cipherList);
} catch (std::runtime_error const& e) {
ssl_options_detail::logDfatal(e);
}
}
/** /**
* Set the signature algorithm list of ctx to that in TSSLOptions, and print * Set the signature algorithm list of ctx to that in TSSLOptions, and print
* any runtime errors it catche. * any runtime errors it catche.
......
...@@ -37,4 +37,18 @@ TEST_F(SSLOptionsTest, TestSetCommonCipherList) { ...@@ -37,4 +37,18 @@ TEST_F(SSLOptionsTest, TestSetCommonCipherList) {
} }
ASSERT_EQ(nullptr, SSL_get_cipher_list(ssl.get(), i)); ASSERT_EQ(nullptr, SSL_get_cipher_list(ssl.get(), i));
} }
TEST_F(SSLOptionsTest, TestSetCipherListWithVector) {
SSLContext ctx;
auto ciphers = ssl::SSLCommonOptions::ciphers();
ssl::setCipherSuites(ctx, ciphers);
int i = 0;
ssl::SSLUniquePtr ssl(ctx.createSSL());
for (auto& cipher : ssl::SSLCommonOptions::ciphers()) {
ASSERT_STREQ(cipher, SSL_get_cipher_list(ssl.get(), i++));
}
ASSERT_EQ(nullptr, SSL_get_cipher_list(ssl.get(), i));
}
} // namespace folly } // namespace folly
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment