TLS: Enable ecc point compression

If available in Botan.

There is an issue where, if botan supports it but we don’t enable it, then
the TLS handshake may fail with some servers

2 files changed, 13 insertions, 2 deletions

diff --git a/louloulibs/network/tcp_socket_handler.cpp b/louloulibs/network/tcp_socket_handler.cpp
index 5782f66..7c33ab8 100644
--- a/louloulibs/network/tcp_socket_handler.cpp
+++ b/louloulibs/network/tcp_socket_handler.cpp
@@ -16,7 +16,7 @@
 # include <botan/tls_exceptn.h>
 
 Botan::AutoSeeded_RNG TCPSocketHandler::rng;
-Botan::TLS::Policy TCPSocketHandler::policy;
+BiboumiTLSPolicy TCPSocketHandler::policy;
 Botan::TLS::Session_Manager_In_Memory TCPSocketHandler::session_manager(TCPSocketHandler::rng);
 
 #endif
diff --git a/louloulibs/network/tcp_socket_handler.hpp b/louloulibs/network/tcp_socket_handler.hpp
index d5b9c33..c37e386 100644
--- a/louloulibs/network/tcp_socket_handler.hpp
+++ b/louloulibs/network/tcp_socket_handler.hpp
@@ -19,6 +19,17 @@
 #include <string>
 #include <list>
 
+class BiboumiTLSPolicy: public Botan::TLS::Policy
+{
+public:
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,11,33)
+  bool use_ecc_point_compression() const override
+  {
+    return true;
+  }
+#endif
+};
+
 /**
  * Does all the read/write, buffering etc. With optional tls.
  * But doesn’t do any connect() or accept() or anything else.
@@ -191,7 +202,7 @@ private:
    * Botan stuff to manipulate a TLS session.
    */
   static Botan::AutoSeeded_RNG rng;
-  static Botan::TLS::Policy policy;
+  static BiboumiTLSPolicy policy;
   static Botan::TLS::Session_Manager_In_Memory session_manager;
 protected:
   BasicCredentialsManager credential_manager;