Split TLS::Policy::allowed_hashes into allowed_signature_hashes and

allowed_macs. This allows someone to turn on MD5 for message auth, which is a little sketchy but probably OK, without also (likely unintentionally) enabling MD5 for TLS v1.2 signatures, which would be a big problem. Prioritize RC4 over 3DES in default policy. Disable ECC curves smaller than 224 bits by default. More updates to the TLS policy documentation.
author: lloyd <[email protected]> 2012-06-29 14:55:56 +0000
committer: lloyd <[email protected]> 2012-06-29 14:55:56 +0000
commit: c0a3a3046dbc39b05056f5539e68060c67a25f17 (patch)
tree: d3e0c8253125375a32bcd0c0ef0d281a981326cf /src/tls/tls_server.h
parent: 4b1568e323f95015cb217bf3d1b6a80bf786230e (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/src/tls/tls_server.h b/src/tls/tls_server.h
index 9625adcf3..89e27fa92 100644
--- a/src/tls/tls_server.h
+++ b/src/tls/tls_server.h
@@ -35,7 +35,7 @@ class BOTAN_DLL Server : public Channel
              const std::vector<std::string>& protocols =
                 std::vector<std::string>());
 
-      void renegotiate(bool force_full_renegotiation);
+      void renegotiate(bool force_full_renegotiation = false);
 
       /**
       * Return the server name indicator, if sent by the client
author	lloyd <[email protected]>	2012-06-29 14:55:56 +0000
committer	lloyd <[email protected]>	2012-06-29 14:55:56 +0000
commit	c0a3a3046dbc39b05056f5539e68060c67a25f17 (patch)
tree	d3e0c8253125375a32bcd0c0ef0d281a981326cf /src/tls/tls_server.h
parent	4b1568e323f95015cb217bf3d1b6a80bf786230e (diff)