Add SSL_CIPHER_SUITES env variable to quic-hq-interop

To run the chacha20 test in interop we need to: 1) negotiate an hq-interop alpn 2) only use chacha 20 Item 1 requires the use of quic-hq-interop, the latter requires this change Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25528)
2025-03-01 19:28:10 +08:00 · 2024-09-24 04:24:26 -04:00 · 2024-09-24 04:24:26 -04:00 · 5f43a3376b
commit 5f43a3376b
parent ffa5465e54
1 changed files with 12 additions and 0 deletions
--- a/demos/guide/quic-hq-interop.c
+++ b/demos/guide/quic-hq-interop.c
@ -38,6 +38,7 @@
 * SSL_SESSION_FILE - set to a file path to record ssl sessions and restore
 *                    said sessions on next invocation
 * SSL_CERT_FILE - The ca file to use when validating a server
+ * SSL_CIPHER_SUITES - The list of cipher suites to use (see openssl-ciphers)
 */
 #include <string.h>

@ -814,6 +815,17 @@ static int setup_connection(char *hostname, char *port, int ipv6,
        if (set_keylog_file(*ctx, sslkeylogfile))
            goto end;

+    /*
+     * If the SSL_CIPHER_SUITES env variable is set, assign those
+     * ciphers to the context
+     */
+    if (getenv("SSL_CIPHER_SUITES") != NULL) {
+        if (!SSL_CTX_set_ciphersuites(*ctx, getenv("SSL_CIPHER_SUITES"))) {
+            fprintf(stderr, "Failed to set cipher suites for connection\n");
+            goto end;
+        }
+    }
+
    /* Create an SSL object to represent the TLS connection */
    *ssl = SSL_new(*ctx);
    if (*ssl == NULL) {