
added support for TLSv1.1 and TLSv1.2 to Context

Guenter Obiltschnig 11 years ago
parent
commit
16ef87e6c8
2 changed files with 30 additions and 7 deletions
  1. 12 5
      NetSSL_OpenSSL/include/Poco/Net/Context.h
  2. 18 2
      NetSSL_OpenSSL/src/Context.cpp

+ 12 - 5
NetSSL_OpenSSL/include/Poco/Net/Context.h

@@ -49,10 +49,14 @@ public:
 	
 	enum Usage
 	{
-		CLIENT_USE, 	  /// Context is used by a client.
-		SERVER_USE,       /// Context is used by a server.
-		TLSV1_CLIENT_USE, /// Context is used by a client requiring TLSv1.
-		TLSV1_SERVER_USE  /// Context is used by a server requiring TLSv2.
+		CLIENT_USE, 	    /// Context is used by a client.
+		SERVER_USE,         /// Context is used by a server.
+		TLSV1_CLIENT_USE,   /// Context is used by a client requiring TLSv1.
+		TLSV1_SERVER_USE,   /// Context is used by a server requiring TLSv1.
+		TLSV1_1_CLIENT_USE, /// Context is used by a client requiring TLSv1.1 (OpenSSL 1.0.0 or newer).
+		TLSV1_1_SERVER_USE, /// Context is used by a server requiring TLSv1.1 (OpenSSL 1.0.0 or newer).
+		TLSV1_2_CLIENT_USE, /// Context is used by a client requiring TLSv1.2 (OpenSSL 1.0.1 or newer).
+		TLSV1_2_SERVER_USE  /// Context is used by a server requiring TLSv1.2 (OpenSSL 1.0.1 or newer).
 	};
 	
 	enum VerificationMode 
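Review bot: The comments on `TLSV1_1_CLIENT_USE` and `TLSV1_1_SERVER_USE` give OpenSSL 1.0.0 as the minimum, but to my knowledge the `TLSv1_1_*_method()` functions first shipped in OpenSSL 1.0.1, alongside the TLSv1.2 ones. The `createSSLContext()` hunk in Context.cpp uses the same threshold in `#if OPENSSL_VERSION_NUMBER >= 0x10000000L`, so a build against 1.0.0 headers would reference functions that are not declared there. Both places should name 1.0.1: `(OpenSSL 1.0.1 or newer)` in the two comments and `0x10001000L` in the guard. The enum body is fully inside this hunk; the enclosing class is not.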
@@ -284,7 +288,10 @@ inline Context::Usage Context::usage() const
 
 inline bool Context::isForServerUse() const
 {
-	return _usage == SERVER_USE || _usage == TLSV1_SERVER_USE;
+	return _usage == SERVER_USE
+		|| _usage == TLSV1_SERVER_USE
+		|| _usage == TLSV1_1_SERVER_USE
+		|| _usage == TLSV1_2_SERVER_USE;
 }
 
 
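Review bot: `isForServerUse()` now lists the server values by hand, and nothing ties that list to `enum Usage`. A later `*_SERVER_USE` enumerator that is not added here would be treated as a client context by every caller of this predicate, including the session-cache assertions changed in Context.cpp. A comment on the function would make the coupling visible: `// Must list every *_SERVER_USE value of enum Usage.` A `switch` over `_usage` without a `default:` is an alternative that lets the compiler's enum-switch warning catch an omission.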

+ 18 - 2
NetSSL_OpenSSL/src/Context.cpp

@@ -272,7 +272,7 @@ void Context::setSessionTimeout(long seconds)
 
 long Context::getSessionTimeout() const
 {
-	poco_assert (_usage == SERVER_USE);
+	poco_assert (isForServerUse());
 
 	return SSL_CTX_get_timeout(_pSSLContext);
 }
@@ -280,7 +280,7 @@ long Context::getSessionTimeout() const
 
 void Context::flushSessionCache() 
 {
-	poco_assert (_usage == SERVER_USE);
+	poco_assert (isForServerUse());
 
 	Poco::Timestamp now;
 	SSL_CTX_flush_sessions(_pSSLContext, static_cast<long>(now.epochTime()));
@@ -323,6 +323,22 @@ void Context::createSSLContext()
 		case TLSV1_SERVER_USE:
 			_pSSLContext = SSL_CTX_new(TLSv1_server_method());
 			break;
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+		case TLSV1_1_CLIENT_USE:
+			_pSSLContext = SSL_CTX_new(TLSv1_1_client_method());
+			break;
+		case TLSV1_1_SERVER_USE:
+			_pSSLContext = SSL_CTX_new(TLSv1_1_server_method());
+			break;
+#endif
+#if OPENSSL_VERSION_NUMBER >= 0x10001000L
+		case TLSV1_2_CLIENT_USE:
+			_pSSLContext = SSL_CTX_new(TLSv1_2_client_method());
+			break;
+		case TLSV1_2_SERVER_USE:
+			_pSSLContext = SSL_CTX_new(TLSv1_2_server_method());
+			break;
+#endif
 		default:
 			throw Poco::InvalidArgumentException("Invalid usage");
 		}
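Review bot: The new `case` labels are compiled only when the OpenSSL version guard passes, while the enumerators in Context.h are always declared, so against an older library a `TLSV1_1_*` or `TLSV1_2_*` usage drops into `default:` and reports the generic "Invalid usage". An `#else` branch that lists those cases and throws with a message such as `"TLSv1.1/TLSv1.2 not supported by this OpenSSL build"` would tell the caller why a valid enumerator was rejected. It is also worth a comment above the new cases that the version-specific methods speak exactly one protocol version, e.g. `// TLSv1_1_*_method() negotiates TLSv1.1 only; it will not move up to TLSv1.2 with a newer peer.` The switch and `createSSLContext()` begin and end outside this hunk.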