author | lloyd <[email protected]> | 2012-04-25 13:48:08 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-04-25 13:48:08 +0000 |
commit | b72a44475d06263e1492f8913310b5f29515cba6 (patch) | |
tree | 680752dbd43999cea16851b9c196046d9e5fbd7f /src/tls/tls_policy.h | |
parent | edca5f211722ea6b9d99b8b5fce4603a1b9b422d (diff) | |
parent | f14a9fdee7902ba1a4c962cfbabe29d5146e7c55 (diff) |
propagate from branch 'net.randombit.botan.tls-state-machine' (head a4741cd07f50a9e1b29b0dd97c6fb8697c038ade)
to branch 'net.randombit.botan.cxx11' (head 116e5ff139c07000be431e07d3472cc8f3919b91)
Diffstat (limited to 'src/tls/tls_policy.h')
-rw-r--r-- | src/tls/tls_policy.h | 29 |
1 files changed, 15 insertions, 14 deletions
diff --git a/src/tls/tls_policy.h b/src/tls/tls_policy.h
index f53b9bab6..c3a0fc29e 100644
--- a/src/tls/tls_policy.h
+++ b/src/tls/tls_policy.h
@@ -82,19 +82,26 @@ class BOTAN_DLL Policy
 /**
 * Return the group to use for ephemeral Diffie-Hellman key agreement
 */
- virtual DL_Group dh_group() const { return DL_Group("modp/ietf/1536"); }
+ virtual DL_Group dh_group() const;

 /**
 * If this function returns false, unknown SRP/PSK identifiers
 * will be rejected with an unknown_psk_identifier alert as soon
 * as the non-existence is identified. Otherwise, a false
 * identifier value will be used and the protocol allowed to
- * proceed, causing the login to eventually fail without
+ * proceed, causing the handshake to eventually fail without
 * revealing that the username does not exist on this system.
 */
 virtual bool hide_unknown_users() const { return false; }

 /**
+ * Return the allowed lifetime of a session ticket. If 0, session
+ * tickets do not expire until the session ticket key rolls over.
+ * Expired session tickets cannot be used to resume a session.
+ */
+ virtual u32bit session_ticket_lifetime() const;
+
+ /**
 * @return the minimum version that we are willing to negotiate
 */
 virtual Protocol_Version min_version() const;
@@ -104,21 +111,15 @@ class BOTAN_DLL Policy
 */
 virtual Protocol_Version pref_version() const;

- /**
- * Return allowed ciphersuites, in order of preference
- */
- std::vector<u16bit> ciphersuite_list(bool have_srp) const;
-
- u16bit choose_suite(const std::vector<u16bit>& client_suites,
- const std::vector<std::string>& available_cert_types,
- bool have_shared_ecc_curve,
- bool have_srp) const;
-
- byte choose_compression(const std::vector<byte>& client_algos) const;
-
 virtual ~Policy() {}
 };

+/**
+* Return allowed ciphersuites, in order of preference
+*/
+std::vector<u16bit> ciphersuite_list(const Policy& policy,
+ bool have_srp);
+
 }

 } |
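Review bot: The doc comment on the new `session_ticket_lifetime()` does not state the unit of the returned `u32bit`, and because the function is only declared here the default value is not visible from the header either. Since 0 means tickets stay valid until the session ticket key rolls over, a subclass that returns 0 by mistake silently gets the longest possible resumption window. The comment should spell out both, for example `* @return ticket lifetime in seconds (unit to be confirmed against the definition); 0 disables expiry until the session ticket key rolls over`, and name the default. The same gap now exists for `dh_group()` earlier in this hunk: with the inline body removed, the header no longer tells a reader which group a default policy uses. The Policy class body starts before this hunk and continues past it.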
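Review bot: The free function `ciphersuite_list(const Policy&, bool)` added after the class is declared without `BOTAN_DLL`, although `Policy` itself is exported and the member it replaces was reachable through that exported class. If code outside the library is meant to call it, the declaration likely needs the macro, e.g. `BOTAN_DLL std::vector<u16bit> ciphersuite_list(const Policy& policy, bool have_srp);`; if it is internal only, a public header is a questionable place for it. The doc comment would also benefit from `@param policy` and `@param have_srp` lines, because the returned order decides which suite is negotiated and the header does not say which policy settings feed into it. This hunk begins inside the Policy class, whose body starts outside it.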