aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/tls/tls_policy.cpp
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2016-12-30 21:46:04 -0500
committerJack Lloyd <[email protected]>2016-12-30 21:46:04 -0500
commit122754bf3dd27ffb81262affc16c78b5a513ed9e (patch)
treeb13f1efcb2a1b99e88e6b10c53b6e1d597b00337 /src/lib/tls/tls_policy.cpp
parent0012c59f23ff0d99dc3fd91594040255cd2924bd (diff)
Increase default TLS DH min to 2048 bits, and add BSI policy class.
Moves BSI policy file to test data dir where it can be compared with what the hardcoded class outputs.
Diffstat (limited to 'src/lib/tls/tls_policy.cpp')
-rw-r--r--src/lib/tls/tls_policy.cpp3
1 files changed, 1 insertions, 2 deletions
diff --git a/src/lib/tls/tls_policy.cpp b/src/lib/tls/tls_policy.cpp
index ae200ff47..1fff936fa 100644
--- a/src/lib/tls/tls_policy.cpp
+++ b/src/lib/tls/tls_policy.cpp
@@ -140,8 +140,7 @@ std::string Policy::dh_group() const
size_t Policy::minimum_dh_group_size() const
{
- // Many servers still send 1024 bit
- return 1024;
+ return 2048;
}
size_t Policy::minimum_ecdsa_group_size() const
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-30 06:49:14 +0000