[tokkee]

tokkee.org

Code

projects / collectd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: dd8429c)
added SSLCiphers into Instance section to select ciphers from client
authortoni-moreno <toni.moreno@gmail.com>
Tue, 24 Feb 2015 10:53:41 +0000 (11:53 +0100)
committertoni-moreno <toni.moreno@gmail.com>
Tue, 24 Feb 2015 10:53:41 +0000 (11:53 +0100)
src/apache.c patch | blob | history
src/collectd.conf.pod patch | blob | history

diff --git a/src/apache.c b/src/apache.c
index 75ef3e1b9e8fdec4822b21653f9e862bea558e0e..3c4354f2ad63c13a58218a48c127c36f63a8bb27 100644 (file)
--- a/src/apache.c
+++ b/src/apache.c
@@ -48,6 +48,7 @@ struct apache_s
        _Bool verify_peer;
        _Bool verify_host;
        char *cacert;
+       char *ssl_ciphers;
        char *server; /* user specific server type */
        char *apache_buffer;
        char apache_curl_error[CURL_ERROR_SIZE];
@@ -72,6 +73,7 @@ static void apache_free (apache_t *st)
        sfree (st->user);
        sfree (st->pass);
        sfree (st->cacert);
+       sfree (st->ssl_ciphers);
        sfree (st->server);
        sfree (st->apache_buffer);
        if (st->curl) {
@@ -205,6 +207,8 @@ static int config_add (oconfig_item_t *ci)
                        status = cf_util_get_boolean (child, &st->verify_host);
                else if (strcasecmp ("CACert", child->key) == 0)
                        status = cf_util_get_string (child, &st->cacert);
+               else if (strcasecmp ("SSLCiphers", child->key) == 0)
+                       status = cf_util_get_string (child, &st->ssl_ciphers);
                else if (strcasecmp ("Server", child->key) == 0)
                        status = cf_util_get_string (child, &st->server);
                else
@@ -361,6 +365,8 @@ static int init_host (apache_t *st) /* {{{ */
                        st->verify_host ? 2L : 0L);
        if (st->cacert != NULL)
                curl_easy_setopt (st->curl, CURLOPT_CAINFO, st->cacert);
+       if (st->ssl_ciphers != NULL)
+               curl_easy_setopt (st->curl, CURLOPT_SSL_CIPHER_LIST,st->ssl_ciphers);
 
        return (0);
 } /* }}} int init_host */
diff --git a/src/collectd.conf.pod b/src/collectd.conf.pod
index 2ee22197cbbdba2343869775a543fc7f7c142b69..b9d83e591c0e55105a3ce91ba39e078ec92c2346 100644 (file)
--- a/src/collectd.conf.pod
+++ b/src/collectd.conf.pod
@@ -766,6 +766,11 @@ File that holds one or more SSL certificates. If you want to use HTTPS you will
 possibly need this option. What CA certificates come bundled with C<libcurl>
 and are checked by default depends on the distribution you use.
 
+=item B<SSLCiphers> I<list of ciphers>
+
+(SSL) Specifies which ciphers to use in the connection. The list of ciphers must 
+specify valid ciphers. Read up on SSL cipher list details on this URL:
+              http://www.openssl.org/docs/apps/ciphers.html
 =back
 
 =head2 Plugin C<apcups>
statistics collection and monitoring daemon (clone)