introduced TLS as protocol for encrypted connections, replace ssl_v23… #4

Merged
merged 1 commit into from
Nov 23, 2018
Merged
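--- a/.gitignore
+++ b/.gitignore
@@ -23,3 +23,7 @@ SocketTest/SocketTest.vcxproj
 SocketTest/SocketTest.vcxproj.filters
 SocketTest/SocketTest.vcxproj.user
 SocketTest/tcp_test_conf.ini
+
+*build*
+*cmake-build-debug*
+*idea*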
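--- a/Socket/SecureSocket.cpp
+++ b/Socket/SecureSocket.cpp
@@ -60,6 +60,11 @@ void ASecureSocket::SetUpCtxClient(SSLSocket& Socket)
 switch (m_eOpenSSLProtocol)
 {
 default:
+case OpenSSLProtocol::TLS:
+// Standard Protocol as of 11/2018, OpenSSL will choose highest possible TLS standard between peers
+Socket.m_pMTHDSSL = const_cast<SSL_METHOD*>(TLS_client_method());
+break;
+
 case OpenSSLProtocol::SSL_V23:
 Socket.m_pMTHDSSL = const_cast<SSL_METHOD*>(SSLv23_client_method());
 break;
@@ -87,8 +92,9 @@ void ASecureSocket::SetUpCtxServer(SSLSocket& Socket)
 switch (m_eOpenSSLProtocol)
 {
 default:
-case OpenSSLProtocol::SSL_V23:
-Socket.m_pMTHDSSL = const_cast<SSL_METHOD*>(SSLv23_server_method());
+case OpenSSLProtocol::TLS:
+// Standard Protocol as of 11/2018, OpenSSL will choose highest possible TLS standard between peers
+Socket.m_pMTHDSSL = const_cast<SSL_METHOD*>(TLS_server_method());
 break;
 
 #ifndef LINUX
@@ -105,6 +111,10 @@ void ASecureSocket::SetUpCtxServer(SSLSocket& Socket)
 case OpenSSLProtocol::TLS_V1:
 Socket.m_pMTHDSSL = const_cast<SSL_METHOD*>(TLSv1_server_method());
 break;
+
+case OpenSSLProtocol::SSL_V23:
+Socket.m_pMTHDSSL = const_cast<SSL_METHOD*>(SSLv23_server_method());
+break;
 }
 Socket.m_pCTXSSL = SSL_CTX_new(Socket.m_pMTHDSSL);
 }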
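Review bot: The new default case in SetUpCtxClient and SetUpCtxServer selects `TLS_client_method()` / `TLS_server_method()`, but nothing visible in these hunks sets a protocol floor, so "highest possible" still allows a peer to negotiate any legacy version the linked OpenSSL build leaves enabled. After the `SSL_CTX_new` call at the end of SetUpCtxServer (and its client counterpart, which is outside the visible hunks) I would check the returned context for null and add `SSL_CTX_set_min_proto_version(Socket.m_pCTXSSL, TLS1_2_VERSION);`. The `TLS_*_method()` functions only exist from OpenSSL 1.1.0 onward, so if 1.0.x builds are still supported the new case needs an `OPENSSL_VERSION_NUMBER` guard. Both function bodies start outside the hunks, so an existing floor set elsewhere cannot be ruled out from here.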
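--- a/Socket/SecureSocket.h
+++ b/Socket/SecureSocket.h
@@ -28,8 +28,9 @@ class ASecureSocket : public ASocket
 #endif
 //SSL_V3, // deprecated
 TLS_V1,
-SSL_V23 /* There is no SSL protocol version named SSLv23. The SSLv23_method() API
+SSL_V23, /* There is no SSL protocol version named SSLv23. The SSLv23_method() API
 and its variants choose SSLv2, SSLv3, or TLSv1 for compatibility with the peer. */
+TLS // Standard Protocol as of 11/2018, OpenSSL will choose highest possible TLS standard between peers
 };
 
 struct SSLSocket
@@ -87,7 +88,7 @@ class ASecureSocket : public ASocket
 /* Please provide your logger thread-safe routine, otherwise, you can turn off
 * error log messages printing by not using the flag ALL_FLAGS or ENABLE_LOG */
 explicit ASecureSocket(const LogFnCallback& oLogger,
-const OpenSSLProtocol eSSLVersion = OpenSSLProtocol::SSL_V23,
+const OpenSSLProtocol eSSLVersion = OpenSSLProtocol::TLS,
 const SettingsFlag eSettings = ALL_FLAGS);
 virtual ~ASecureSocket() = 0;
 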
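Review bot: The comment kept on `SSL_V23` in the enum now reads as if it were a distinct, weaker mode than the new `TLS` enumerator, yet on OpenSSL 1.1.0 and later `SSLv23_*_method()` is a deprecated alias of `TLS_*_method()`, so there both values select the same negotiation. I would mark it as such, e.g. `SSL_V23, // deprecated alias of TLS on OpenSSL >= 1.1.0, kept for source compatibility`. The `TLS` comment could also say that it negotiates the highest mutually supported version and that, as far as these hunks show, no minimum version is enforced. Appending `TLS` after `SSL_V23` keeps the existing enumerator values stable, which matters if callers persist them.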
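--- a/Socket/TCPSSLClient.h
+++ b/Socket/TCPSSLClient.h
@@ -17,7 +17,7 @@ class CTCPSSLClient : public ASecureSocket
 {
 public:
 explicit CTCPSSLClient(const LogFnCallback oLogger,
-const OpenSSLProtocol eSSLVersion = OpenSSLProtocol::SSL_V23,
+const OpenSSLProtocol eSSLVersion = OpenSSLProtocol::TLS,
 const SettingsFlag eSettings = ALL_FLAGS);
 ~CTCPSSLClient() override;
 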
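--- a/Socket/TCPSSLServer.h
+++ b/Socket/TCPSSLServer.h
@@ -21,7 +21,7 @@ class CTCPSSLServer : public ASecureSocket
 public:
 explicit CTCPSSLServer(const LogFnCallback oLogger,
 const std::string& strPort,
-const OpenSSLProtocol eSSLVersion = OpenSSLProtocol::SSL_V23,
+const OpenSSLProtocol eSSLVersion = OpenSSLProtocol::TLS,
 const SettingsFlag eSettings = ALL_FLAGS)
 throw (EResolveError);
 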