author | lloyd <[email protected]> | 2012-04-04 15:23:44 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-04-04 15:23:44 +0000 |
commit | fedd69e75ffe23c6249d49e4d23cc1b4ae2823aa (patch) | |
tree | e0994c61aadb39e245486f2ba7089f4a13b18d8b /src/tls/tls_policy.cpp | |
parent | f5d35f360a04acef3ad19b0abf9a830b0d52d5d8 (diff) |
Remove Policy::choose_compression and move to tls_server
Make ciphersuite_list a free standing function
Now the Policy interface only contains actual policy hooks (no
non-virtual functions). Though choose_curve is a little dubious.
Diffstat (limited to 'src/tls/tls_policy.cpp')
-rw-r--r-- | src/tls/tls_policy.cpp | 74 |
1 files changed, 30 insertions, 44 deletions
diff --git a/src/tls/tls_policy.cpp b/src/tls/tls_policy.cpp
index 3db517e56..de3c6f674 100644
--- a/src/tls/tls_policy.cpp
+++ b/src/tls/tls_policy.cpp
@@ -88,6 +88,30 @@ std::vector<std::string> Policy::allowed_ecc_curves() const
 return curves;
 }
+/*
+* Choose an ECC curve to use
+*/
+std::string Policy::choose_curve(const std::vector<std::string>& curve_names) const
+ {
+ const std::vector<std::string> our_curves = allowed_ecc_curves();
+
+ for(size_t i = 0; i != our_curves.size(); ++i)
+ if(value_exists(curve_names, our_curves[i]))
+ return our_curves[i];
+
+ return ""; // no shared curve
+ }
+
+/*
+* Return allowed compression algorithms
+*/
+std::vector<byte> Policy::compression() const
+ {
+ std::vector<byte> algs;
+ algs.push_back(NO_COMPRESSION);
+ return algs;
+ }
+
 u32bit Policy::session_ticket_lifetime() const
 {
 return 86400; // 1 day
@@ -177,12 +201,13 @@ class Ciphersuite_Preference_Ordering
 }
-std::vector<u16bit> Policy::ciphersuite_list(bool have_srp) const
+std::vector<u16bit> ciphersuite_list(const Policy& policy,
+ bool have_srp)
 {
- std::vector<std::string> ciphers = allowed_ciphers();
- std::vector<std::string> hashes = allowed_hashes();
- std::vector<std::string> kex = allowed_key_exchange_methods();
- std::vector<std::string> sigs = allowed_signature_methods();
+ std::vector<std::string> ciphers = policy.allowed_ciphers();
+ std::vector<std::string> hashes = policy.allowed_hashes();
+ std::vector<std::string> kex = policy.allowed_key_exchange_methods();
+ std::vector<std::string> sigs = policy.allowed_signature_methods();
 if(!have_srp)
 {
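Review bot: `choose_curve` reports "no shared curve" by returning an empty string, and the comment above it (`Choose an ECC curve to use`) does not say so. The commit message describes the remaining Policy members as overridable hooks, so both callers and subclass authors need that contract spelled out: a caller that passes the result on without testing for `""` would fail later than the negotiation step, presumably wherever the curve name is resolved. I would extend the comment to say that it returns the first entry of `allowed_ecc_curves()` that also appears in `curve_names`, or `""` when there is none, and that `""` must be treated as a negotiation failure. The loop walks `our_curves` on the outside, so the local preference order wins over the peer's; that is worth stating in the same comment.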
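Review bot: The new free function `ciphersuite_list(const Policy& policy, bool have_srp)` has no comment at its definition, and as a non-member it no longer inherits any context from the Policy class. A short header comment would help, along the lines of `/* Return the ciphersuite codes permitted by policy; have_srp == false leaves out SRP key exchange */`. The wording about SRP is inferred from the `if(!have_srp)` branch, whose body continues outside the hunk, so adjust it to what the code does. The comment should also say whether the result is ordered by preference and whether it can be empty when the policy's cipher, hash, key exchange and signature lists yield no suite, because a caller that sends or matches against this list needs to handle the empty case explicitly.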
@@ -236,45 +261,6 @@ std::vector<u16bit> Policy::ciphersuite_list(bool have_srp) const
 return ciphersuite_codes;
 }
-/*
-* Return allowed compression algorithms
-*/
-std::vector<byte> Policy::compression() const
- {
- std::vector<byte> algs;
- algs.push_back(NO_COMPRESSION);
- return algs;
- }
-
-/*
-* Choose an ECC curve to use
-*/
-std::string Policy::choose_curve(const std::vector<std::string>& curve_names) const
- {
- std::vector<std::string> our_curves = allowed_ecc_curves();
-
- for(size_t i = 0; i != our_curves.size(); ++i)
- if(value_exists(curve_names, our_curves[i]))
- return our_curves[i];
-
- return ""; // no shared curve
- }
-
-/*
-* Choose which compression algorithm to use
-*/
-byte Policy::choose_compression(const std::vector<byte>& c_comp) const
- {
- std::vector<byte> s_comp = compression();
-
- for(size_t i = 0; i != s_comp.size(); ++i)
- for(size_t j = 0; j != c_comp.size(); ++j)
- if(s_comp[i] == c_comp[j])
- return s_comp[i];
-
- return NO_COMPRESSION;
- }
-
 }
 } |