Mercurial > code
changeset 373:69532542f7fc
Socket: use TLS by default
author | David Demelier <markand@malikania.fr> |
---|---|
date | Fri, 01 May 2015 10:15:08 +0200 |
parents | d6e95a577fe9 |
children | 8a575e0afbcc |
files | C++/modules/Socket/SocketSsl.cpp C++/modules/Socket/SocketSsl.h |
diffstat | 2 files changed, 10 insertions(+), 11 deletions(-) [+] |
line wrap: on
line diff
--- a/C++/modules/Socket/SocketSsl.cpp Thu Apr 30 11:42:18 2015 +0200 +++ b/C++/modules/Socket/SocketSsl.cpp Fri May 01 10:15:08 2015 +0200 @@ -22,16 +22,14 @@ namespace { -auto sslMethod(int mflags) +inline auto sslMethod(int type) noexcept { - if (mflags & SocketSslOptions::All) - return SSLv23_method(); - if (mflags & SocketSslOptions::SSLv3) + if (type == SocketSslOptions::SSLv3) return SSLv3_method(); - if (mflags & SocketSslOptions::TLSv1) + if (type == SocketSslOptions::TLSv1) return TLSv1_method(); - return SSLv23_method(); + throw std::invalid_argument("unknown method selected"); } inline std::string sslError(int error)
--- a/C++/modules/Socket/SocketSsl.h Thu Apr 30 11:42:18 2015 +0200 +++ b/C++/modules/Socket/SocketSsl.h Fri May 01 10:15:08 2015 +0200 @@ -38,14 +38,15 @@ public: /** * @brief Method + * + * It is highly recommended to only use TLSv1. */ enum { - SSLv3 = (1 << 0), - TLSv1 = (1 << 1), - All = (0xf) + SSLv3, + TLSv1 }; - int method{All}; //!< The method + int method{TLSv1}; //!< The method std::string certificate; //!< The certificate path std::string privateKey; //!< The private key file bool verify{false}; //!< Verify or not @@ -63,7 +64,7 @@ * @param key the key file * @param verify set to true to verify */ - SocketSslOptions(int method, std::string certificate, std::string key, bool verify = false) + SocketSslOptions(std::string certificate, std::string key, int method = TLSv1, bool verify = false) : method(method) , certificate(std::move(certificate)) , privateKey(std::move(key))