From 5f9568ca201832e8060dbaab3b080a758567c947 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?louiz=E2=80=99?=
Date: Fri, 2 Dec 2016 11:30:27 +0100
Subject: TLS: Enable ecc point compression
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

If available in Botan. There is an issue where, if botan supports it but we don’t enable it, then the TLS handshake may fail with some servers
---
 louloulibs/network/tcp_socket_handler.cpp | 2 +-
 louloulibs/network/tcp_socket_handler.hpp | 13 ++++++++++++-
 2 files changed, 13 insertions(+), 2 deletions(-)
(limited to 'louloulibs')
diff --git a/louloulibs/network/tcp_socket_handler.cpp b/louloulibs/network/tcp_socket_handler.cpp
index 5782f66..7c33ab8 100644
--- a/louloulibs/network/tcp_socket_handler.cpp
+++ b/louloulibs/network/tcp_socket_handler.cpp
@@ -16,7 +16,7 @@
 # include
 Botan::AutoSeeded_RNG TCPSocketHandler::rng;
-Botan::TLS::Policy TCPSocketHandler::policy;
+BiboumiTLSPolicy TCPSocketHandler::policy;
 Botan::TLS::Session_Manager_In_Memory TCPSocketHandler::session_manager(TCPSocketHandler::rng);
 #endif
diff --git a/louloulibs/network/tcp_socket_handler.hpp b/louloulibs/network/tcp_socket_handler.hpp
index d5b9c33..c37e386 100644
--- a/louloulibs/network/tcp_socket_handler.hpp
+++ b/louloulibs/network/tcp_socket_handler.hpp
@@ -19,6 +19,17 @@
 #include
 #include
+class BiboumiTLSPolicy: public Botan::TLS::Policy
+{
+public:
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,11,33)
+ bool use_ecc_point_compression() const override
+ {
+ return true;
+ }
+#endif
+};
+
 /**
 * Does all the read/write, buffering etc. With optional tls.
 * But doesn’t do any connect() or accept() or anything else.
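Review bot: In tcp_socket_handler.hpp the new `BiboumiTLSPolicy` class is added right after the plain `#include` lines, and nothing visible in the hunk puts it inside a `#ifdef BOTAN_FOUND` guard, whereas the matching definitions in tcp_socket_handler.cpp end at an `#endif` and so appear to be guarded. If the class really is unguarded, a build without Botan fails on the undeclared base `Botan::TLS::Policy`, so it should be wrapped in `#ifdef BOTAN_FOUND` … `#endif`. The class also has no comment; I would add something like `// Enable EC point compression: when Botan supports it but we do not enable it, the TLS handshake fails with some servers.` above the override. It is also worth stating there that every other setting is inherited from Botan's default policy and that on Botan older than 1.11.33 the class changes nothing, since this static object appears to be the policy used for every TLS session of TCPSocketHandler.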
@@ -191,7 +202,7 @@ private:
 * Botan stuff to manipulate a TLS session.
 */
 static Botan::AutoSeeded_RNG rng;
- static Botan::TLS::Policy policy;
+ static BiboumiTLSPolicy policy;
 static Botan::TLS::Session_Manager_In_Memory session_manager;
 protected:
 BasicCredentialsManager credential_manager;
--
cgit v1.2.3