rename set_cipher_list() to set_tls_cipher_list()

ChangeLog

@@ -1,6 +1,6 @@
 * 2017-12-??: Version 1.3.0
   * Specify available cipher suites for authenticated TLS upstreams
-    with getdns_context_set_ciphers_list()
+    with getdns_context_set_tls_ciphers_list()
   * PR #366: Add support for TLS 1.3 and Chacha20-Poly1305
     Thanks Pascal Ernster
   * Bugfix #356: Do Zero configuration DNSSEC meta queries over on the

src/const-info.c

@@ -91,7 +91,7 @@ static struct const_info consts_info[] = {
 	{     630, "GETDNS_CONTEXT_CODE_HOSTS", GETDNS_CONTEXT_CODE_HOSTS_TEXT },
 	{     631, "GETDNS_CONTEXT_CODE_CAPATH", GETDNS_CONTEXT_CODE_CAPATH_TEXT },
 	{     632, "GETDNS_CONTEXT_CODE_CAFILE", GETDNS_CONTEXT_CODE_CAFILE_TEXT },
-	{     633, "GETDNS_CONTEXT_CODE_CIPHER_LIST", GETDNS_CONTEXT_CODE_CIPHER_LIST_TEXT },
+	{     633, "GETDNS_CONTEXT_CODE_TLS_CIPHER_LIST", GETDNS_CONTEXT_CODE_TLS_CIPHER_LIST_TEXT },
 	{     700, "GETDNS_CALLBACK_COMPLETE", GETDNS_CALLBACK_COMPLETE_TEXT },
 	{     701, "GETDNS_CALLBACK_CANCEL", GETDNS_CALLBACK_CANCEL_TEXT },
 	{     702, "GETDNS_CALLBACK_TIMEOUT", GETDNS_CALLBACK_TIMEOUT_TEXT },
@@ -164,7 +164,6 @@ static struct const_name_info consts_name_info[] = {
 	{ "GETDNS_CONTEXT_CODE_APPEND_NAME", 607 },
 	{ "GETDNS_CONTEXT_CODE_CAFILE", 632 },
 	{ "GETDNS_CONTEXT_CODE_CAPATH", 631 },
-	{ "GETDNS_CONTEXT_CODE_CIPHER_LIST", 633 },
 	{ "GETDNS_CONTEXT_CODE_DNSSEC_ALLOWED_SKEW", 614 },
 	{ "GETDNS_CONTEXT_CODE_DNSSEC_TRUST_ANCHORS", 609 },
 	{ "GETDNS_CONTEXT_CODE_DNS_ROOT_SERVERS", 604 },
@@ -188,6 +187,7 @@ static struct const_name_info consts_name_info[] = {
 	{ "GETDNS_CONTEXT_CODE_TIMEOUT", 616 },
 	{ "GETDNS_CONTEXT_CODE_TLS_AUTHENTICATION", 618 },
 	{ "GETDNS_CONTEXT_CODE_TLS_BACKOFF_TIME", 623 },
+	{ "GETDNS_CONTEXT_CODE_TLS_CIPHER_LIST", 633 },
 	{ "GETDNS_CONTEXT_CODE_TLS_CONNECTION_RETRIES", 624 },
 	{ "GETDNS_CONTEXT_CODE_TLS_QUERY_PADDING_BLOCKSIZE", 620 },
 	{ "GETDNS_CONTEXT_CODE_TRUST_ANCHORS_URL", 625 },

src/context.c

@@ -1407,7 +1407,7 @@ static char const * const _getdns_default_trust_anchors_verify_CA =
 static char const * const _getdns_default_trust_anchors_verify_email =
     "dnssec@iana.org";
 
-static char const * const _getdns_default_cipher_list = 
+static char const * const _getdns_default_tls_cipher_list = 
 	"TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:"
 	"TLS13-CHACHA20-POLY1305-SHA256:EECDH+AESGCM:EECDH+CHACHA20";
 
@@ -1518,7 +1518,7 @@ getdns_context_create_with_extended_memory_functions(
 	result->appdata_dir = NULL;
 	result->CApath = NULL;
 	result->CAfile = NULL;
-	result->cipher_list = NULL;
+	result->tls_cipher_list = NULL;
 
 	(void) memset(&result->root_ksk, 0, sizeof(result->root_ksk));
 
@@ -1787,8 +1787,8 @@ getdns_context_destroy(struct getdns_context *context)
 		GETDNS_FREE(context->mf, context->CApath);
 	if (context->CAfile)
 		GETDNS_FREE(context->mf, context->CAfile);
-	if (context->cipher_list)
+	if (context->tls_cipher_list)
-		GETDNS_FREE(context->mf, context->cipher_list);
+		GETDNS_FREE(context->mf, context->tls_cipher_list);
 
 #ifdef USE_WINSOCK
 	WSACleanup();
@@ -3580,8 +3580,8 @@ _getdns_context_prepare_for_resolution(getdns_context *context)
 			/* Be strict and only use the cipher suites recommended in RFC7525
 			   Unless we later fallback to opportunistic. */
 			if (!SSL_CTX_set_cipher_list(context->tls_ctx,
-			    context->cipher_list ? context->cipher_list
+			    context->tls_cipher_list ? context->tls_cipher_list
-			                         : _getdns_default_cipher_list))
+			                             : _getdns_default_tls_cipher_list))
 				return GETDNS_RETURN_BAD_CONTEXT;
 			/* For strict authentication, we must have local root certs available
 		       Set up is done only when the tls_ctx is created (per getdns_context)*/
@@ -3897,8 +3897,8 @@ _get_context_settings(getdns_context* context)
 		(void) getdns_dict_util_set_string(result, "CApath", str_value);
 	if (!getdns_context_get_CAfile(context, &str_value) && str_value)
 		(void) getdns_dict_util_set_string(result, "CAfile", str_value);
-	if (!getdns_context_get_cipher_list(context, &str_value) && str_value)
+	if (!getdns_context_get_tls_cipher_list(context, &str_value) && str_value)
-		(void) getdns_dict_util_set_string(result, "cipher_list", str_value);
+		(void) getdns_dict_util_set_string(result, "tls_cipher_list", str_value);
 
 	/* Default settings for extensions */
 	(void)getdns_dict_set_int(
@@ -4691,7 +4691,7 @@ _getdns_context_config_setting(getdns_context *context,
 	CONTEXT_SETTING_STRING(hosts)
 	CONTEXT_SETTING_STRING(CApath)
 	CONTEXT_SETTING_STRING(CAfile)
-	CONTEXT_SETTING_STRING(cipher_list)
+	CONTEXT_SETTING_STRING(tls_cipher_list)
 
 	/**************************************/
 	/****                              ****/
@@ -5243,29 +5243,31 @@ getdns_context_get_CAfile(getdns_context *context, const char **CAfile)
 }
 
 getdns_return_t
-getdns_context_set_cipher_list(getdns_context *context, const char *cipher_list)
+getdns_context_set_tls_cipher_list(
+    getdns_context *context, const char *tls_cipher_list)
 {
 	if (!context)
 		return GETDNS_RETURN_INVALID_PARAMETER;
-	if (context->cipher_list)
+	if (context->tls_cipher_list)
-		GETDNS_FREE(context->mf, context->cipher_list);
+		GETDNS_FREE(context->mf, context->tls_cipher_list);
-	context->cipher_list = cipher_list
+	context->tls_cipher_list = tls_cipher_list
-	                     ? _getdns_strdup(&context->mf, cipher_list)
+	                         ? _getdns_strdup(&context->mf, tls_cipher_list)
 	                         : NULL;
 
-	dispatch_updated(context, GETDNS_CONTEXT_CODE_CIPHER_LIST);
+	dispatch_updated(context, GETDNS_CONTEXT_CODE_TLS_CIPHER_LIST);
 	return GETDNS_RETURN_GOOD;
 }
 
 getdns_return_t
-getdns_context_get_cipher_list(getdns_context *context, const char **cipher_list)
+getdns_context_get_tls_cipher_list(
+    getdns_context *context, const char **tls_cipher_list)
 {
-	if (!context || !cipher_list)
+	if (!context || !tls_cipher_list)
 		return GETDNS_RETURN_INVALID_PARAMETER;
 
-	*cipher_list = context->cipher_list
+	*tls_cipher_list = context->tls_cipher_list
-	             ? context->cipher_list
+	                 ? context->tls_cipher_list
-	             : _getdns_default_cipher_list;
+	                 : _getdns_default_tls_cipher_list;
 	return GETDNS_RETURN_GOOD;
 }
 

src/context.h

@@ -345,7 +345,7 @@ struct getdns_context {
 
 	char                 *CApath;
 	char                 *CAfile;
-	char                 *cipher_list;
+	char                 *tls_cipher_list;
 
 	getdns_upstreams     *upstreams;
 	uint16_t             limit_outstanding_queries;

src/getdns/getdns_extra.h.in

@@ -98,8 +98,8 @@ extern "C" {
 #define GETDNS_CONTEXT_CODE_CAPATH_TEXT "Change related to getdns_context_set_CApath"
 #define GETDNS_CONTEXT_CODE_CAFILE 632
 #define GETDNS_CONTEXT_CODE_CAFILE_TEXT "Change related to getdns_context_set_CAfile"
-#define GETDNS_CONTEXT_CODE_CIPHER_LIST 633
+#define GETDNS_CONTEXT_CODE_TLS_CIPHER_LIST 633
-#define GETDNS_CONTEXT_CODE_CIPHER_LIST_TEXT "Change related to getdns_context_set_cipher_list"
+#define GETDNS_CONTEXT_CODE_TLS_CIPHER_LIST_TEXT "Change related to getdns_context_set_tls_cipher_list"
 
 /** @}
   */
@@ -743,14 +743,15 @@ getdns_context_set_CAfile(getdns_context *context, const char *CAfile);
 
 /**
  * Sets the list of available ciphers for authenticated TLS upstreams.
- * @see getdns_context_get_cipher_list
+ * @see getdns_context_get_tls_cipher_list
  * @param[in] context      The context to configure
  * @param[in] cipher_list  The cipher list
  * @return GETDNS_RETURN_GOOD when successful
  * @return GETDNS_RETURN_INVALID_PARAMETER when context was NULL.
  */
 getdns_return_t
-getdns_context_set_cipher_list(getdns_context *context, const char *CAfile);
+getdns_context_set_tls_cipher_list(
+    getdns_context *context, const char *cipher_list);
 
 /**
  * Get the current resolution type setting from this context.
@@ -1261,14 +1262,15 @@ getdns_context_get_CAfile(getdns_context *context, const char **CAfile);
 
 /**
  * Get the list of available ciphers for authenticated TLS upstreams.
- * @see getdns_context_set_cipher_list
+ * @see getdns_context_set_tls_cipher_list
  * @param[in]  context      The context configure
  * @param[out] cipher_list  The cipher list
  * @return GETDNS_RETURN_GOOD when successful
  * @return GETDNS_RETURN_INVALID_PARAMETER when context was NULL.
  */
 getdns_return_t
-getdns_context_get_cipher_list(getdns_context *context, const char **cipher_list);
+getdns_context_get_tls_cipher_list(
+    getdns_context *context, const char **cipher_list);
 
 
 /** @}

src/libgetdns.symbols

@@ -11,7 +11,6 @@ getdns_context_get_CAfile
 getdns_context_get_CApath
 getdns_context_get_api_information
 getdns_context_get_append_name
-getdns_context_get_cipher_list
 getdns_context_get_dns_root_servers
 getdns_context_get_dns_transport
 getdns_context_get_dns_transport_list
@@ -36,6 +35,7 @@ getdns_context_get_suffix
 getdns_context_get_timeout
 getdns_context_get_tls_authentication
 getdns_context_get_tls_backoff_time
+getdns_context_get_tls_cipher_list
 getdns_context_get_tls_connection_retries
 getdns_context_get_tls_query_padding_blocksize
 getdns_context_get_trust_anchors_url
@@ -49,7 +49,6 @@ getdns_context_set_CAfile
 getdns_context_set_CApath
 getdns_context_set_appdata_dir
 getdns_context_set_append_name
-getdns_context_set_cipher_list
 getdns_context_set_context_update_callback
 getdns_context_set_dns_root_servers
 getdns_context_set_dns_transport
@@ -79,6 +78,7 @@ getdns_context_set_suffix
 getdns_context_set_timeout
 getdns_context_set_tls_authentication
 getdns_context_set_tls_backoff_time
+getdns_context_set_tls_cipher_list
 getdns_context_set_tls_connection_retries
 getdns_context_set_tls_query_padding_blocksize
 getdns_context_set_trust_anchors_url