author | lloyd <[email protected]> | 2012-07-12 21:25:46 +0000
---|---|---
committer | lloyd <[email protected]> | 2012-07-12 21:25:46 +0000
commit | 43836c6fd15a944dce1ca25bb0d019ede3ef75e7 |
tree | a6ea3bd16cb4b4d2ea94428ccafaa2bd54d8ba6a /src/tls/cert_req.cpp |
parent | 71c8f3803819464db90226c22e77f5a13ef2c38d |

Changes to version handling in support of DTLS work.

Add a few 'feature tests' to Protocol_Version which helps avoid some
explicit comparisons. Additionally, remove the relational comparisons,
except for operator> which is still used in a few locations.

TLS::Policy has changed and no longer has min_version. The new hook
that replaces it is acceptable_protocol_version, which should return
true if and only if we are willing to negotiate the version
returned. This leads to a somewhat cleaner result and additionally
allows one to do maybe interesting though mostly useless things like
allowing TLS 1.0 or 1.2 but not 1.1.

Fix the version sent in the (unused) DTLS hello verify message.

Diffstat (limited to 'src/tls/cert_req.cpp')
-rw-r--r-- | src/tls/cert_req.cpp | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/tls/cert_req.cpp b/src/tls/cert_req.cpp index f97238d54..4578148f5 100644 --- a/src/tls/cert_req.cpp +++ b/src/tls/cert_req.cpp @@ -64,7 +64,7 @@ Certificate_Req::Certificate_Req(Record_Writer& writer, cert_key_types.push_back("DSA"); cert_key_types.push_back("ECDSA"); - if(version >= Protocol_Version::TLS_V12) + if(version.supports_negotiable_signature_algorithms()) { std::vector<std::string> hashes = policy.allowed_signature_hashes(); std::vector<std::string> sigs = policy.allowed_signature_methods(); @@ -100,7 +100,7 @@ Certificate_Req::Certificate_Req(const std::vector<byte>& buf, cert_key_types.push_back(cert_type_name); } - if(version >= Protocol_Version::TLS_V12) + if(version.supports_negotiable_signature_algorithms()) { std::vector<byte> sig_hash_algs = reader.get_range_vector<byte>(2, 2, 65534); |
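
Review bot: In the `@@ -64,7 +64,7 @@` hunk (the Certificate_Req constructor taking `Record_Writer& writer`), the new condition `version.supports_negotiable_signature_algorithms()` hides which versions pass, and its definition is not part of this file's diff. The old line read as "TLS 1.2 and later"; since this branch decides whether `policy.allowed_signature_hashes()` and `policy.allowed_signature_methods()` are advertised, please document on the predicate exactly which versions return true, including what it returns for the DTLS versions this commit is preparing for, and cover each version value with a test.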
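
Review bot: In the `@@ -100,7 +100,7 @@` hunk (the constructor parsing from `const std::vector<byte>& buf`), the predicate now controls whether `reader.get_range_vector<byte>(2, 2, 65534)` is consumed at all, so a wrong answer here misaligns the parse of everything after it rather than only changing policy. The writer-side constructor in the first hunk has to use the identical condition; both do after this change, but a one-line comment at each site saying the field is present only when signature algorithms are negotiable would keep them from drifting apart. The visible context ends at the read, so I cannot tell whether an odd-length `sig_hash_algs` is rejected; the entries are hash/signature byte pairs, so if that check is not already just below, it should be added.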