generic-library/poco
1
0
Fork 0
mirror of https://github.com/pocoproject/poco.git synced 2025-10-13 14:45:36 +02:00
Code Issues Projects Releases Wiki Activity

added Context::preferServerCiphers()

Browse Source
This commit is contained in:
Guenter Obiltschnig
2016-01-19 16:01:17 +01:00
parent 82c6c5f149
commit dee1efd56a
4 changed files with 30 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
NetSSL_OpenSSL/include/Poco/Net/Context.h
View File

@@ -334,6 +334,12 @@ public:
/// values from the Protocols enumeration, e.g.:
///
/// context.disableProtocols(PROTO_SSLV2 | PROTO_SSLV3);
void preferServerCiphers();
/// When choosing a cipher, use the server's preferences instead of the client
/// preferences. When not called, the SSL server will always follow the clients
/// preferences. When called, the SSL/TLS server will choose following its own
/// preferences.
private:
void init(const Params& params);

6
NetSSL_OpenSSL/include/Poco/Net/SSLManager.h
View File

@@ -77,6 +77,7 @@ class NetSSL_API SSLManager
/// <verificationDepth>1..9</verificationDepth>
/// <loadDefaultCAFile>true|false</loadDefaultCAFile>
/// <cipherList>ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH</cipherList>
/// <preferServerCiphers>true|false</preferServerCiphers>
/// <privateKeyPassphraseHandler>
/// <name>KeyFileHandler</name>
/// <options>
@@ -118,6 +119,10 @@ class NetSSL_API SSLManager
/// - loadDefaultCAFile (boolean): Specifies whether the builtin CA certificates from OpenSSL are used.
/// - cipherList (string): Specifies the supported ciphers in OpenSSL notation
/// (e.g. "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH").
/// - preferServerCiphers (bool): When choosing a cipher, use the server's preferences instead of the
/// client preferences. When not called, the SSL server will always follow the clients
/// preferences. When called, the SSL/TLS server will choose following its own
/// preferences.
/// - privateKeyPassphraseHandler.name (string): The name of the class (subclass of PrivateKeyPassphraseHandler)
/// used for obtaining the passphrase for accessing the private key.
/// - privateKeyPassphraseHandler.options.password (string): The password to be used by KeyFileHandler.
@@ -317,6 +322,7 @@ private:
static const std::string CFG_CIPHER_LIST;
static const std::string CFG_CYPHER_LIST; // for backwards compatibility
static const std::string VAL_CIPHER_LIST;
static const std::string CFG_PREFER_SERVER_CIPHERS;
static const std::string CFG_DELEGATE_HANDLER;
static const std::string VAL_DELEGATE_HANDLER;
static const std::string CFG_CERTIFICATE_HANDLER;