fix(Socket): shutdown fixes from pull #3448

2025-10-22 08:02:06 +02:00 · 2022-03-31 19:03:27 +00:00
parent 3bab3548f4
commit 3fb001f397
6 changed files with 85 additions and 1 deletions
--- a/NetSSL_OpenSSL/include/Poco/Net/Context.h
+++ b/NetSSL_OpenSSL/include/Poco/Net/Context.h
@@ -126,6 +126,16 @@ public:
 		PROTO_TLSV1_3 = 0x20
 	};

+	enum SecurityLevel
+	{
+		SECURITY_LEVEL_NONE     = 0,
+		SECURITY_LEVEL_80_BITS  = 1,
+		SECURITY_LEVEL_112_BITS = 2,
+		SECURITY_LEVEL_128_BITS = 3,
+		SECURITY_LEVEL_192_BITS = 4,
+		SECURITY_LEVEL_256_BITS = 5
+	};
+
 	struct NetSSL_API Params
 	{
 		Params();
@@ -193,6 +203,11 @@ public:
 			///   and other TLSv1.3 ephemeral key negotiation, based
 			///   on the group names defined by OpenSSL. Defaults to
 			///   "X448:X25519:ffdhe4096:ffdhe3072:ffdhe2048:ffdhe6144:ffdhe8192:P-521:P-384:P-256"
+
+		SecurityLevel securityLevel;
+			/// Defines minimal number of security bits allowed.
+			/// Requires OpenSSL >= 1.1 to be effective.
+
 	};

 	using InvalidCertificateHandlerPtr = Poco::SharedPtr<InvalidCertificateHandler>;
@@ -420,6 +435,9 @@ public:
 		/// Returns the InvalidCertificateHandler set for this Context,
 		/// or a null pointer if none has been set.

+	void setSecurityLevel(SecurityLevel level);
+		/// Sets the security level.
+
 private:
 	void init(const Params& params);
 		/// Initializes the Context with the given parameters.
--- a/NetSSL_OpenSSL/include/Poco/Net/FTPSClientSession.h
+++ b/NetSSL_OpenSSL/include/Poco/Net/FTPSClientSession.h
@@ -64,6 +64,9 @@ public:
 	bool isSecure() const;
 		/// Returns true if the session is FTPS.

+	void forceSessionReuse(bool force = true);
+		/// Enable or disable session reusing
+
 protected:
 	virtual StreamSocket establishDataConnection(const std::string& command, const std::string& arg);
 		/// Create secure data connection
@@ -80,6 +83,7 @@ private:

 	bool _enableFTPS = true;
 	bool _secureDataConnection = false;
+	bool _forceSessionReuse = false;
 	Context::Ptr _pContext;
 };

@@ -95,6 +99,12 @@ inline bool FTPSClientSession::isSecure() const
 }


+inline void FTPSClientSession::forceSessionReuse(bool force)
+{
+	_forceSessionReuse = force;
+}
+
+
 } } // namespace Poco::Net


--- a/NetSSL_OpenSSL/include/Poco/Net/SecureSocketImpl.h
+++ b/NetSSL_OpenSSL/include/Poco/Net/SecureSocketImpl.h
@@ -281,6 +281,7 @@ private:
 	bool _needHandshake;
 	std::string _peerHostName;
 	Session::Ptr _pSession;
+	bool _bidirectShutdown = true;

 	friend class SecureStreamSocketImpl;
 };