diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/ejabberd_c2s.erl | 1 | ||||
| -rw-r--r-- | src/ejabberd_s2s_in.erl | 9 | ||||
| -rw-r--r-- | src/ejabberd_s2s_out.erl | 9 |
3 files changed, 15 insertions, 4 deletions
diff --git a/src/ejabberd_c2s.erl b/src/ejabberd_c2s.erl index 610f22c24..fa8ec3f5b 100644 --- a/src/ejabberd_c2s.erl +++ b/src/ejabberd_c2s.erl @@ -241,6 +241,7 @@ init([{SockMod, Socket}, Opts]) -> TLS = StartTLS orelse StartTLSRequired orelse TLSEnabled, TLSOpts1 = lists:filter(fun ({certfile, _}) -> true; + ({ciphers, _}) -> true; (_) -> false end, Opts), diff --git a/src/ejabberd_s2s_in.erl b/src/ejabberd_s2s_in.erl index dd1c93c8d..2823cde62 100644 --- a/src/ejabberd_s2s_in.erl +++ b/src/ejabberd_s2s_in.erl @@ -177,9 +177,14 @@ init([{SockMod, Socket}, Opts]) -> undefined -> []; CertFile -> [{certfile, CertFile}] end, + TLSOpts2 = case ejabberd_config:get_option( + s2s_ciphers, fun iolist_to_binary/1) of + undefined -> TLSOpts1; + Ciphers -> [{ciphers, Ciphers} | TLSOpts1] + end, TLSOpts = case proplists:get_bool(tls_compression, Opts) of - false -> [compression_none | TLSOpts1]; - true -> TLSOpts1 + false -> [compression_none | TLSOpts2]; + true -> TLSOpts2 end, Timer = erlang:start_timer(?S2STIMEOUT, self(), []), {ok, wait_for_stream, diff --git a/src/ejabberd_s2s_out.erl b/src/ejabberd_s2s_out.erl index f52a673e4..a5acdad95 100644 --- a/src/ejabberd_s2s_out.erl +++ b/src/ejabberd_s2s_out.erl @@ -191,13 +191,18 @@ init([From, Server, Type]) -> undefined -> [connect]; CertFile -> [{certfile, CertFile}, connect] end, + TLSOpts2 = case ejabberd_config:get_option( + s2s_ciphers, fun iolist_to_binary/1) of + undefined -> TLSOpts1; + Ciphers -> [{ciphers, Ciphers} | TLSOpts1] + end, TLSOpts = case ejabberd_config:get_option( {s2s_tls_compression, From}, fun(true) -> true; (false) -> false end, true) of - false -> [compression_none | TLSOpts1]; - true -> TLSOpts1 + false -> [compression_none | TLSOpts2]; + true -> TLSOpts2 end, {New, Verify} = case Type of {new, Key} -> {Key, false}; |