diff options
| author | Jack Lloyd <[email protected]> | 2018-08-23 04:10:43 -0400 |
|---|---|---|
| committer | Jack Lloyd <[email protected]> | 2018-08-23 04:10:43 -0400 |
| commit | 7aec5b83bd7b27de445564e7a44194ff6e6233fd (patch) | |
| tree | d417c6ee98c3d82ea962329da619117b791287b1 /src/lib | |
| parent | e8e4292de17bc65676715c3adbf799cad82c99f3 (diff) | |
| parent | e05a7337add6c5f61d5abc05bb69c8d0698aa3ef (diff) | |
Merge GH #1651 Default disable TLS v1.0/v1.1 and CBC+CCM suites
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/tls/tls_policy.cpp | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/src/lib/tls/tls_policy.cpp b/src/lib/tls/tls_policy.cpp index 5e8150e4f..c2d3ccf26 100644 --- a/src/lib/tls/tls_policy.cpp +++ b/src/lib/tls/tls_policy.cpp @@ -45,16 +45,16 @@ std::vector<std::string> Policy::allowed_ciphers() const "ChaCha20Poly1305", "AES-256/GCM", "AES-128/GCM", - "AES-256/CCM", - "AES-128/CCM", + //"AES-256/CCM", + //"AES-128/CCM", //"AES-256/CCM(8)", //"AES-128/CCM(8)", //"Camellia-256/GCM", //"Camellia-128/GCM", //"ARIA-256/GCM", //"ARIA-128/GCM", - "AES-256", - "AES-128", + //"AES-256", + //"AES-128", //"Camellia-256", //"Camellia-128", //"SEED" @@ -319,8 +319,8 @@ bool Policy::acceptable_ciphersuite(const Ciphersuite& ciphersuite) const bool Policy::allow_client_initiated_renegotiation() const { return false; } bool Policy::allow_server_initiated_renegotiation() const { return false; } bool Policy::allow_insecure_renegotiation() const { return false; } -bool Policy::allow_tls10() const { return true; } -bool Policy::allow_tls11() const { return true; } +bool Policy::allow_tls10() const { return false; } +bool Policy::allow_tls11() const { return false; } bool Policy::allow_tls12() const { return true; } bool Policy::allow_dtls10() const { return false; } bool Policy::allow_dtls12() const { return true; } |