author | louiz’ <louiz@louiz.org> | 2016-12-02 11:30:27 +0100 |
---|---|---|
committer | louiz’ <louiz@louiz.org> | 2016-12-02 11:30:27 +0100 |
commit | 5f9568ca201832e8060dbaab3b080a758567c947 (patch) | |
tree | ea56d583b1882435c3d9e98e87a726dd359dad80 /louloulibs | |
parent | ad22be41719e29b075d707eb964fee1c4c30cf77 (diff) | |
TLS: Enable ecc point compression
If available in Botan.
There is an issue where, if botan supports it but we don’t enable it, then
the TLS handshake may fail with some servers
Diffstat (limited to 'louloulibs')
-rw-r--r-- | louloulibs/network/tcp_socket_handler.cpp | 2 | ||||
-rw-r--r-- | louloulibs/network/tcp_socket_handler.hpp | 13 |
2 files changed, 13 insertions, 2 deletions
diff --git a/louloulibs/network/tcp_socket_handler.cpp b/louloulibs/network/tcp_socket_handler.cpp
index 5782f66..7c33ab8 100644
--- a/louloulibs/network/tcp_socket_handler.cpp
+++ b/louloulibs/network/tcp_socket_handler.cpp
@@ -16,7 +16,7 @@
 # include <botan/tls_exceptn.h>
 Botan::AutoSeeded_RNG TCPSocketHandler::rng;
-Botan::TLS::Policy TCPSocketHandler::policy;
+BiboumiTLSPolicy TCPSocketHandler::policy;
 Botan::TLS::Session_Manager_In_Memory TCPSocketHandler::session_manager(TCPSocketHandler::rng);
 #endif
diff --git a/louloulibs/network/tcp_socket_handler.hpp b/louloulibs/network/tcp_socket_handler.hpp
index d5b9c33..c37e386 100644
--- a/louloulibs/network/tcp_socket_handler.hpp
+++ b/louloulibs/network/tcp_socket_handler.hpp
@@ -19,6 +19,17 @@
 #include <string>
 #include <list>
+class BiboumiTLSPolicy: public Botan::TLS::Policy
+{
+public:
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,11,33)
+ bool use_ecc_point_compression() const override
+ {
+ return true;
+ }
+#endif
+};
+
 /**
 * Does all the read/write, buffering etc. With optional tls.
 * But doesn’t do any connect() or accept() or anything else.
@@ -191,7 +202,7 @@ private:
 * Botan stuff to manipulate a TLS session.
 */
 static Botan::AutoSeeded_RNG rng;
- static Botan::TLS::Policy policy;
+ static BiboumiTLSPolicy policy;
 static Botan::TLS::Session_Manager_In_Memory session_manager;
 protected:
 BasicCredentialsManager credential_manager; |
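Review bot: The new `BiboumiTLSPolicy` class in tcp_socket_handler.hpp derives from `Botan::TLS::Policy` right after `#include <list>`, and nothing in the hunk shows it sitting inside the preprocessor conditional that wraps the Botan-only code. In tcp_socket_handler.cpp the static `policy` definition is followed by an `#endif`, so that code is conditional, although the condition itself is outside the hunk. If the class is outside that conditional, a build without Botan would see an undeclared base class and an unevaluable `BOTAN_VERSION_CODE_FOR(1,11,33)` test, so it should be wrapped in the same condition as the Botan includes. The override would also benefit from a comment carrying the reason from the commit message, for example `// Enable EC point compression: when Botan supports it but the policy leaves it off, the handshake may fail with some servers.`, and noting that on older Botan the class adds nothing to the default policy.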