From 98c58280f6bb8b21537e372e07aa972f6d35b4d7 Mon Sep 17 00:00:00 2001
From: Ali Sabil <ali.sabil@tillitech.com>
Date: Wed, 21 Mar 2012 09:46:10 +0100
Subject: Simplify the options filtering code in cowboy_ssl_transport

---
 src/cowboy_ssl_transport.erl | 29 ++++++++---------------------
 1 file changed, 8 insertions(+), 21 deletions(-)

(limited to 'src')

diff --git a/src/cowboy_ssl_transport.erl b/src/cowboy_ssl_transport.erl
index ccd8e5a..92a231c 100644
--- a/src/cowboy_ssl_transport.erl
+++ b/src/cowboy_ssl_transport.erl
@@ -67,30 +67,17 @@ listen(Opts) ->
 	{port, Port} = lists:keyfind(port, 1, Opts),
 	Backlog = proplists:get_value(backlog, Opts, 1024),
 	{certfile, CertFile} = lists:keyfind(certfile, 1, Opts),
-	KeyFileOpts =
-		case lists:keyfind(keyfile, 1, Opts) of
-			false -> [];
-			KeyFile -> [KeyFile]
-		end,
-	PasswordOpts =
-		case lists:keyfind(password, 1, Opts) of
-			false -> [];
-			Password -> [Password]
-		end,
+
 	ListenOpts0 = [binary, {active, false},
 		{backlog, Backlog}, {packet, raw}, {reuseaddr, true},
 		{certfile, CertFile}],
-	ListenOpts1 =
-		case lists:keyfind(ip, 1, Opts) of
-			false -> ListenOpts0;
-			Ip -> [Ip|ListenOpts0]
-		end,
-	ListenOpts2 =
-		case lists:keyfind(cacertfile, 1, Opts) of
-			false -> ListenOpts1;
-			CACertFile -> [CACertFile|ListenOpts1]
-		end,
-	ListenOpts = ListenOpts2 ++ KeyFileOpts ++ PasswordOpts,
+	ListenOpts = lists:foldl(fun
+		({ip, _} = Ip, Acc) -> [Ip | Acc];
+		({keyfile, _} = KeyFile, Acc) -> [KeyFile | Acc];
+		({password, _} = Password, Acc) -> [Password | Acc];
+		({cacertfile, _} = CACertFile, Acc) -> [CACertFile | Acc];
+		(_, Acc) -> Acc
+	end, ListenOpts0, Opts),
 	ssl:listen(Port, ListenOpts).
 
 %% @doc Accept an incoming connection on a listen socket.
-- 
cgit v1.2.3


From 9ac784df3b41bf31df4e77a65ccf90cb67aa0014 Mon Sep 17 00:00:00 2001
From: Ali Sabil <ali.sabil@tillitech.com>
Date: Wed, 21 Mar 2012 09:49:39 +0100
Subject: Add support for specifying the ciphers for the SSL transport

---
 src/cowboy_ssl_transport.erl | 1 +
 1 file changed, 1 insertion(+)

(limited to 'src')

diff --git a/src/cowboy_ssl_transport.erl b/src/cowboy_ssl_transport.erl
index 92a231c..efe3dba 100644
--- a/src/cowboy_ssl_transport.erl
+++ b/src/cowboy_ssl_transport.erl
@@ -76,6 +76,7 @@ listen(Opts) ->
 		({keyfile, _} = KeyFile, Acc) -> [KeyFile | Acc];
 		({password, _} = Password, Acc) -> [Password | Acc];
 		({cacertfile, _} = CACertFile, Acc) -> [CACertFile | Acc];
+		({ciphers, _} = Ciphers, Acc) -> [Ciphers | Acc];
 		(_, Acc) -> Acc
 	end, ListenOpts0, Opts),
 	ssl:listen(Port, ListenOpts).
-- 
cgit v1.2.3


From 0c2cb207b9065bf73d3cb9e062b668143f4e105b Mon Sep 17 00:00:00 2001
From: Ali Sabil <ali.sabil@tillitech.com>
Date: Fri, 23 Mar 2012 07:32:44 +0100
Subject: Update the edoc for cowboy_ssl_transport:listen/1

---
 src/cowboy_ssl_transport.erl | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

(limited to 'src')

diff --git a/src/cowboy_ssl_transport.erl b/src/cowboy_ssl_transport.erl
index efe3dba..8074209 100644
--- a/src/cowboy_ssl_transport.erl
+++ b/src/cowboy_ssl_transport.erl
@@ -48,13 +48,16 @@ messages() -> {ssl, ssl_closed, ssl_error}.
 %%   by default.</dd>
 %%  <dt>certfile</dt><dd>Mandatory. Path to a file containing the user's
 %%   certificate.</dd>
-%%  <dt>keyfile</dt><dd>Mandatory. Path to the file containing the user's
+%%  <dt>keyfile</dt><dd>Optional. Path to the file containing the user's
 %%   private PEM encoded key.</dd>
 %%  <dt>cacertfile</dt><dd>Optional. Path to file containing PEM encoded
 %%   CA certificates (trusted certificates used for verifying a peer
 %%   certificate).</dd>
-%%  <dt>password</dt><dd>Mandatory. String containing the user's password.
+%%  <dt>password</dt><dd>Optional. String containing the user's password.
 %%   All private keyfiles must be password protected currently.</dd>
+%%  <dt>ciphers</dt><dd>Optional. The cipher suites that should be supported.
+%%  The function ssl:cipher_suites/0 can be used to find all available
+%%  ciphers.</dd>
 %% </dl>
 %%
 %% @see ssl:listen/2
@@ -74,8 +77,8 @@ listen(Opts) ->
 	ListenOpts = lists:foldl(fun
 		({ip, _} = Ip, Acc) -> [Ip | Acc];
 		({keyfile, _} = KeyFile, Acc) -> [KeyFile | Acc];
-		({password, _} = Password, Acc) -> [Password | Acc];
 		({cacertfile, _} = CACertFile, Acc) -> [CACertFile | Acc];
+		({password, _} = Password, Acc) -> [Password | Acc];
 		({ciphers, _} = Ciphers, Acc) -> [Ciphers | Acc];
 		(_, Acc) -> Acc
 	end, ListenOpts0, Opts),
-- 
cgit v1.2.3