Skip to content
Snippets Groups Projects

Update to handle enable/disable of TLSv1_3

Merged Olaf Bergengruen requested to merge (removed):master into master
2 files
+ 14
0
Compare changes
  • Side-by-side
  • Inline
Files
2
+ 12
0
@@ -1980,6 +1980,7 @@ SSL_Socket::SSL_Socket()
@@ -1980,6 +1980,7 @@ SSL_Socket::SSL_Socket()
TLSv1=true;
TLSv1=true;
TLSv1_1=true;
TLSv1_1=true;
TLSv1_2=true;
TLSv1_2=true;
 
TLSv1_3=true;
}
}
SSL_Socket::SSL_Socket(const char *tp_type, const char *tp_name)
SSL_Socket::SSL_Socket(const char *tp_type, const char *tp_name)
@@ -2003,6 +2004,7 @@ SSL_Socket::SSL_Socket(const char *tp_type, const char *tp_name)
@@ -2003,6 +2004,7 @@ SSL_Socket::SSL_Socket(const char *tp_type, const char *tp_name)
TLSv1=true;
TLSv1=true;
TLSv1_1=true;
TLSv1_1=true;
TLSv1_2=true;
TLSv1_2=true;
 
TLSv1_3=true;
}
}
SSL_Socket::~SSL_Socket()
SSL_Socket::~SSL_Socket()
@@ -2075,6 +2077,10 @@ bool SSL_Socket::parameter_set(const char *parameter_name,
@@ -2075,6 +2077,10 @@ bool SSL_Socket::parameter_set(const char *parameter_name,
if(strcasecmp(parameter_value, "yes") == 0) TLSv1_2 = false;
if(strcasecmp(parameter_value, "yes") == 0) TLSv1_2 = false;
else if(strcasecmp(parameter_value, "no") == 0) TLSv1_2 = true;
else if(strcasecmp(parameter_value, "no") == 0) TLSv1_2 = true;
else log_error("Parameter value '%s' not recognized for parameter '%s'", parameter_value, ssl_disable_TLSv1_2());
else log_error("Parameter value '%s' not recognized for parameter '%s'", parameter_value, ssl_disable_TLSv1_2());
 
} else if(strcasecmp(parameter_name, ssl_disable_TLSv1_3()) == 0) {
 
if(strcasecmp(parameter_value, "yes") == 0) TLSv1_3 = false;
 
else if(strcasecmp(parameter_value, "no") == 0) TLSv1_3 = true;
 
else log_error("Parameter value '%s' not recognized for parameter '%s'", parameter_value, ssl_disable_TLSv1_3());
} else {
} else {
log_debug("leaving SSL_Socket::parameter_set(%s, %s)", parameter_name, parameter_value);
log_debug("leaving SSL_Socket::parameter_set(%s, %s)", parameter_name, parameter_value);
return Abstract_Socket::parameter_set(parameter_name, parameter_value);
return Abstract_Socket::parameter_set(parameter_name, parameter_value);
@@ -2126,6 +2132,11 @@ bool SSL_Socket::add_user_data(int client_id) {
@@ -2126,6 +2132,11 @@ bool SSL_Socket::add_user_data(int client_id) {
SSL_set_options(ssl_current_ssl,SSL_OP_NO_TLSv1_2);
SSL_set_options(ssl_current_ssl,SSL_OP_NO_TLSv1_2);
}
}
#endif
#endif
 
#ifdef SSL_OP_NO_TLSv1_3
 
if(!TLSv1_3){
 
SSL_set_options(ssl_current_ssl,SSL_OP_NO_TLSv1_3);
 
}
 
#endif
set_user_data(client_id, ssl_current_ssl);
set_user_data(client_id, ssl_current_ssl);
log_debug("New client added with key '%d'", client_id);
log_debug("New client added with key '%d'", client_id);
@@ -2551,6 +2562,7 @@ const char* SSL_Socket::ssl_disable_SSLv3() { return "ssl_disable_SSLv3";}
@@ -2551,6 +2562,7 @@ const char* SSL_Socket::ssl_disable_SSLv3() { return "ssl_disable_SSLv3";}
const char* SSL_Socket::ssl_disable_TLSv1() { return "ssl_disable_TLSv1";}
const char* SSL_Socket::ssl_disable_TLSv1() { return "ssl_disable_TLSv1";}
const char* SSL_Socket::ssl_disable_TLSv1_1() { return "ssl_disable_TLSv1_1";}
const char* SSL_Socket::ssl_disable_TLSv1_1() { return "ssl_disable_TLSv1_1";}
const char* SSL_Socket::ssl_disable_TLSv1_2() { return "ssl_disable_TLSv1_2";}
const char* SSL_Socket::ssl_disable_TLSv1_2() { return "ssl_disable_TLSv1_2";}
 
const char* SSL_Socket::ssl_disable_TLSv1_3() { return "ssl_disable_TLSv1_3";}
void SSL_Socket::ssl_actions_to_seed_PRNG() {
void SSL_Socket::ssl_actions_to_seed_PRNG() {
Loading