From 1b6248d6a256ad774d092151227fdd5f40247c02 Mon Sep 17 00:00:00 2001
From: Max <post@wickenrode.com>
Date: Sat, 21 Mar 2015 02:25:59 +0100
Subject: Add code for using custom SSL cipher list in SP

---
 Source/SPConnectionHandler.m | 10 ++++++++++
 Source/SPConstants.h         |  1 +
 Source/SPConstants.m         |  1 +
 3 files changed, 12 insertions(+)

diff --git a/Source/SPConnectionHandler.m b/Source/SPConnectionHandler.m
index bac0c680..80e9c3f5 100644
--- a/Source/SPConnectionHandler.m
+++ b/Source/SPConnectionHandler.m
@@ -145,6 +145,16 @@ static NSString *SPLocalhostAddress = @"127.0.0.1";
 		if ([self sslCACertFileLocationEnabled]) {
 			[mySQLConnection setSslCACertificatePath:[self sslCACertFileLocation]];
 		}
+		
+		NSString *userSSLCipherList = [prefs stringForKey:SPSSLCipherListKey];
+		if(userSSLCipherList) {
+			//strip out disabled ciphers (e.g. in "foo:bar:--:baz")
+			NSRange markerPos = [userSSLCipherList rangeOfRegex:@":?--"];
+			if(markerPos.location != NSNotFound) {
+				userSSLCipherList = [userSSLCipherList substringToIndex:markerPos.location];
+			}
+			[mySQLConnection setSslCipherList:userSSLCipherList];
+		}
 	}
 	
 	// Connection delegate must be set before actual connection attempt is made
diff --git a/Source/SPConstants.h b/Source/SPConstants.h
index 38e05cc5..f81b3fd0 100644
--- a/Source/SPConstants.h
+++ b/Source/SPConstants.h
@@ -429,6 +429,7 @@ extern NSString *SPSelectionDetailTypeIndexed;
 extern NSString *SPSelectionDetailTypePrimaryKeyed;
 extern NSString *SPSSHEnableMuxingPreference;
 extern NSString *SPSSHClientPath;
+extern NSString *SPSSLCipherListKey;
 
 // URLs
 extern NSString *SPDonationsURL;
diff --git a/Source/SPConstants.m b/Source/SPConstants.m
index fad42bc6..d9729980 100644
--- a/Source/SPConstants.m
+++ b/Source/SPConstants.m
@@ -230,6 +230,7 @@ NSString *SPSelectionDetailTypeIndexed           = @"SelectionDetailTypeNSIndexS
 NSString *SPSelectionDetailTypePrimaryKeyed      = @"SelectionDetailTypePrimaryKeyedDetails";
 NSString *SPSSHEnableMuxingPreference            = @"SSHMultiplexingEnabled";
 NSString *SPSSHClientPath                        = @"SSHClientPath";
+NSString *SPSSLCipherListKey                     = @"SSLCipherList";
 
 // URLs
 NSString *SPDonationsURL                         = @"http://www.sequelpro.com/donate/";
-- 
cgit v1.2.3