added support for TLSv1.1 and TLSv1.2 to Context

2025-03-22 23:22:20 +01:00 · 2014-09-02 17:23:47 +02:00 · 2014-09-02 17:23:47 +02:00 · 16ef87e6c8
commit 16ef87e6c8
parent ded5af27db
2 changed files with 30 additions and 7 deletions
--- a/NetSSL_OpenSSL/include/Poco/Net/Context.h
+++ b/NetSSL_OpenSSL/include/Poco/Net/Context.h
@ -49,10 +49,14 @@ public:
 	
 	enum Usage
 	{
-		CLIENT_USE, 	  /// Context is used by a client.
-		SERVER_USE,       /// Context is used by a server.
-		TLSV1_CLIENT_USE, /// Context is used by a client requiring TLSv1.
-		TLSV1_SERVER_USE  /// Context is used by a server requiring TLSv2.
+		CLIENT_USE, 	    /// Context is used by a client.
+		SERVER_USE,         /// Context is used by a server.
+		TLSV1_CLIENT_USE,   /// Context is used by a client requiring TLSv1.
+		TLSV1_SERVER_USE,   /// Context is used by a server requiring TLSv1.
+		TLSV1_1_CLIENT_USE, /// Context is used by a client requiring TLSv1.1 (OpenSSL 1.0.0 or newer).
+		TLSV1_1_SERVER_USE, /// Context is used by a server requiring TLSv1.1 (OpenSSL 1.0.0 or newer).
+		TLSV1_2_CLIENT_USE, /// Context is used by a client requiring TLSv1.2 (OpenSSL 1.0.1 or newer).
+		TLSV1_2_SERVER_USE  /// Context is used by a server requiring TLSv1.2 (OpenSSL 1.0.1 or newer).
 	};
 	
 	enum VerificationMode 
@ -284,7 +288,10 @@ inline Context::Usage Context::usage() const

 inline bool Context::isForServerUse() const
 {
-	return _usage == SERVER_USE || _usage == TLSV1_SERVER_USE;
+	return _usage == SERVER_USE
+		|| _usage == TLSV1_SERVER_USE
+		|| _usage == TLSV1_1_SERVER_USE
+		|| _usage == TLSV1_2_SERVER_USE;
 }


--- a/NetSSL_OpenSSL/src/Context.cpp
+++ b/NetSSL_OpenSSL/src/Context.cpp
@ -272,7 +272,7 @@ void Context::setSessionTimeout(long seconds)

 long Context::getSessionTimeout() const
 {
-	poco_assert (_usage == SERVER_USE);
+	poco_assert (isForServerUse());

 	return SSL_CTX_get_timeout(_pSSLContext);
 }
@ -280,7 +280,7 @@ long Context::getSessionTimeout() const

 void Context::flushSessionCache() 
 {
-	poco_assert (_usage == SERVER_USE);
+	poco_assert (isForServerUse());

 	Poco::Timestamp now;
 	SSL_CTX_flush_sessions(_pSSLContext, static_cast<long>(now.epochTime()));
@ -323,6 +323,22 @@ void Context::createSSLContext()
 		case TLSV1_SERVER_USE:
 			_pSSLContext = SSL_CTX_new(TLSv1_server_method());
 			break;
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+		case TLSV1_1_CLIENT_USE:
+			_pSSLContext = SSL_CTX_new(TLSv1_1_client_method());
+			break;
+		case TLSV1_1_SERVER_USE:
+			_pSSLContext = SSL_CTX_new(TLSv1_1_server_method());
+			break;
+#endif
+#if OPENSSL_VERSION_NUMBER >= 0x10001000L
+		case TLSV1_2_CLIENT_USE:
+			_pSSLContext = SSL_CTX_new(TLSv1_2_client_method());
+			break;
+		case TLSV1_2_SERVER_USE:
+			_pSSLContext = SSL_CTX_new(TLSv1_2_server_method());
+			break;
+#endif
 		default:
 			throw Poco::InvalidArgumentException("Invalid usage");
 		}