generic-library/poco
1
0
Fork 0
mirror of https://github.com/pocoproject/poco.git synced 2025-10-17 19:25:53 +02:00
Code Issues Projects Releases Wiki Activity

added support for TLSv1.1 and TLSv1.2 to Context

Browse Source
This commit is contained in:
Guenter Obiltschnig
2014-09-02 17:23:47 +02:00
parent ded5af27db
commit 16ef87e6c8
2 changed files with 30 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
NetSSL_OpenSSL/include/Poco/Net/Context.h
View File

@@ -49,10 +49,14 @@ public:
enum Usage enum Usage
{ {
CLIENT_USE, /// Context is used by a client. CLIENT_USE, /// Context is used by a client.
SERVER_USE, /// Context is used by a server. SERVER_USE, /// Context is used by a server.
TLSV1_CLIENT_USE, /// Context is used by a client requiring TLSv1. TLSV1_CLIENT_USE, /// Context is used by a client requiring TLSv1.
TLSV1_SERVER_USE /// Context is used by a server requiring TLSv2. TLSV1_SERVER_USE, /// Context is used by a server requiring TLSv1.
TLSV1_1_CLIENT_USE, /// Context is used by a client requiring TLSv1.1 (OpenSSL 1.0.0 or newer).
TLSV1_1_SERVER_USE, /// Context is used by a server requiring TLSv1.1 (OpenSSL 1.0.0 or newer).
TLSV1_2_CLIENT_USE, /// Context is used by a client requiring TLSv1.2 (OpenSSL 1.0.1 or newer).
TLSV1_2_SERVER_USE /// Context is used by a server requiring TLSv1.2 (OpenSSL 1.0.1 or newer).
}; };
enum VerificationMode enum VerificationMode
@@ -284,7 +288,10 @@ inline Context::Usage Context::usage() const
inline bool Context::isForServerUse() const inline bool Context::isForServerUse() const
{ {
return _usage == SERVER_USE || _usage == TLSV1_SERVER_USE; return _usage == SERVER_USE
|| _usage == TLSV1_SERVER_USE
|| _usage == TLSV1_1_SERVER_USE
|| _usage == TLSV1_2_SERVER_USE;
} }

20
NetSSL_OpenSSL/src/Context.cpp
View File

@@ -272,7 +272,7 @@ void Context::setSessionTimeout(long seconds)
long Context::getSessionTimeout() const long Context::getSessionTimeout() const
{ {
poco_assert (_usage == SERVER_USE); poco_assert (isForServerUse());
return SSL_CTX_get_timeout(_pSSLContext); return SSL_CTX_get_timeout(_pSSLContext);
} }
@@ -280,7 +280,7 @@ long Context::getSessionTimeout() const
void Context::flushSessionCache() void Context::flushSessionCache()
{ {
poco_assert (_usage == SERVER_USE); poco_assert (isForServerUse());
Poco::Timestamp now; Poco::Timestamp now;
SSL_CTX_flush_sessions(_pSSLContext, static_cast<long>(now.epochTime())); SSL_CTX_flush_sessions(_pSSLContext, static_cast<long>(now.epochTime()));
@@ -323,6 +323,22 @@ void Context::createSSLContext()
case TLSV1_SERVER_USE: case TLSV1_SERVER_USE:
_pSSLContext = SSL_CTX_new(TLSv1_server_method()); _pSSLContext = SSL_CTX_new(TLSv1_server_method());
break; break;
#if OPENSSL_VERSION_NUMBER >= 0x10000000L
case TLSV1_1_CLIENT_USE:
_pSSLContext = SSL_CTX_new(TLSv1_1_client_method());
break;
case TLSV1_1_SERVER_USE:
_pSSLContext = SSL_CTX_new(TLSv1_1_server_method());
break;
#endif
#if OPENSSL_VERSION_NUMBER >= 0x10001000L
case TLSV1_2_CLIENT_USE:
_pSSLContext = SSL_CTX_new(TLSv1_2_client_method());
break;
case TLSV1_2_SERVER_USE:
_pSSLContext = SSL_CTX_new(TLSv1_2_server_method());
break;
#endif
default: default:
throw Poco::InvalidArgumentException("Invalid usage"); throw Poco::InvalidArgumentException("Invalid usage");
} }