_Bool verify_peer;
_Bool verify_host;
char *cacert;
+ char *ssl_ciphers;
char *server; /* user specific server type */
char *apache_buffer;
char apache_curl_error[CURL_ERROR_SIZE];
sfree (st->user);
sfree (st->pass);
sfree (st->cacert);
+ sfree (st->ssl_ciphers);
sfree (st->server);
sfree (st->apache_buffer);
if (st->curl) {
status = cf_util_get_boolean (child, &st->verify_host);
else if (strcasecmp ("CACert", child->key) == 0)
status = cf_util_get_string (child, &st->cacert);
+ else if (strcasecmp ("SSLCiphers", child->key) == 0)
+ status = cf_util_get_string (child, &st->ssl_ciphers);
else if (strcasecmp ("Server", child->key) == 0)
status = cf_util_get_string (child, &st->server);
else if (strcasecmp ("Timeout", child->key) == 0)
st->verify_host ? 2L : 0L);
if (st->cacert != NULL)
curl_easy_setopt (st->curl, CURLOPT_CAINFO, st->cacert);
+ if (st->ssl_ciphers != NULL)
+ curl_easy_setopt (st->curl, CURLOPT_SSL_CIPHER_LIST,st->ssl_ciphers);
#ifdef HAVE_CURLOPT_TIMEOUT_MS
if (st->timeout >= 0)
possibly need this option. What CA certificates come bundled with C<libcurl>
and are checked by default depends on the distribution you use.
+=item B<SSLCiphers> I<list of ciphers>
+
+Specifies which ciphers to use in the connection. The list of ciphers
+must specify valid ciphers. See
+L<http://www.openssl.org/docs/apps/ciphers.html> for details.
+
=item B<Timeout> I<Milliseconds>
The B<Timeout> option sets the overall timeout for HTTP requests to B<URL>, in
projects / collectd.git / commitdiff