Split TLS::Policy::allowed_hashes into allowed_signature_hashes and

allowed_macs. This allows someone to turn on MD5 for message auth, which is a little sketchy but probably OK, without also (likely unintentionally) enabling MD5 for TLS v1.2 signatures, which would be a big problem. Prioritize RC4 over 3DES in default policy. Disable ECC curves smaller than 224 bits by default. More updates to the TLS policy documentation.
author: lloyd <[email protected]> 2012-06-29 14:55:56 +0000
committer: lloyd <[email protected]> 2012-06-29 14:55:56 +0000
commit: c0a3a3046dbc39b05056f5539e68060c67a25f17 (patch)
tree: d3e0c8253125375a32bcd0c0ef0d281a981326cf /src/tls/tls_client.h
parent: 4b1568e323f95015cb217bf3d1b6a80bf786230e (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/src/tls/tls_client.h b/src/tls/tls_client.h
index c85b528d2..fc08ca796 100644
--- a/src/tls/tls_client.h
+++ b/src/tls/tls_client.h
@@ -52,7 +52,7 @@ class BOTAN_DLL Client : public Channel
              std::function<std::string (std::vector<std::string>)> next_protocol =
                 std::function<std::string (std::vector<std::string>)>());
 
-      void renegotiate(bool force_full_renegotiation);
+      void renegotiate(bool force_full_renegotiation = false);
    private:
       void process_handshake_msg(Handshake_Type type,
                                  const std::vector<byte>& contents) override;
author	lloyd <[email protected]>	2012-06-29 14:55:56 +0000
committer	lloyd <[email protected]>	2012-06-29 14:55:56 +0000
commit	c0a3a3046dbc39b05056f5539e68060c67a25f17 (patch)
tree	d3e0c8253125375a32bcd0c0ef0d281a981326cf /src/tls/tls_client.h
parent	4b1568e323f95015cb217bf3d1b6a80bf786230e (diff)