generic-library/poco
1
0
Fork 0
mirror of https://github.com/pocoproject/poco.git synced 2025-10-18 11:39:00 +02:00
Code Issues Projects Releases Wiki Activity

added Context::preferServerCiphers()

Browse Source
This commit is contained in:
Guenter Obiltschnig
2016-01-19 16:01:17 +01:00
parent 82c6c5f149
commit dee1efd56a
4 changed files with 30 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
NetSSL_OpenSSL/src/Context.cpp
View File

@@ -349,6 +349,14 @@ void Context::disableProtocols(int protocols)
}
void Context::preferServerCiphers()
{
#if defined(SSL_OP_CIPHER_SERVER_PREFERENCE)
SSL_CTX_set_options(_pSSLContext, SSL_OP_CIPHER_SERVER_PREFERENCE);
#endif
}
void Context::createSSLContext()
{
if (SSLManager::isFIPSEnabled())

10
NetSSL_OpenSSL/src/SSLManager.cpp
View File

@@ -44,6 +44,7 @@ const bool SSLManager::VAL_ENABLE_DEFAULT_CA(true);
const std::string SSLManager::CFG_CIPHER_LIST("cipherList");
const std::string SSLManager::CFG_CYPHER_LIST("cypherList");
const std::string SSLManager::VAL_CIPHER_LIST("ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH");
const std::string SSLManager::CFG_PREFER_SERVER_CIPHERS("preferServerCiphers");
const std::string SSLManager::CFG_DELEGATE_HANDLER("privateKeyPassphraseHandler.name");
const std::string SSLManager::VAL_DELEGATE_HANDLER("KeyConsoleHandler");
const std::string SSLManager::CFG_CERTIFICATE_HANDLER("invalidCertificateHandler.name");
@@ -355,6 +356,15 @@ void SSLManager::initDefaultContext(bool server)
_ptrDefaultServerContext->enableExtendedCertificateVerification(extendedVerification);
else
_ptrDefaultClientContext->enableExtendedCertificateVerification(extendedVerification);
bool preferServerCiphers = config.getBool(prefix + CFG_PREFER_SERVER_CIPHERS, false);
if (preferServerCiphers)
{
if (server)
_ptrDefaultServerContext->preferServerCiphers();
else
_ptrDefaultClientContext->preferServerCiphers();
}
}