-rw-r--r-- | doc/tls.rst | 19 | ||||
-rw-r--r-- | src/tls/tls_client.cpp | 6 | ||||
-rw-r--r-- | src/tls/tls_client.h | 8 | ||||
-rw-r--r-- | src/tls/tls_policy.cpp | 5 | ||||
-rw-r--r-- | src/tls/tls_policy.h | 5 | ||||
-rw-r--r-- | src/tls/tls_version.h | 10 |
6 files changed, 31 insertions, 22 deletions
diff --git a/doc/tls.rst b/doc/tls.rst index 18af678b9..470405185 100644 --- a/doc/tls.rst +++ b/doc/tls.rst @@ -435,13 +435,6 @@ be negotiated during a handshake. .. cpp:class:: TLS::Policy - .. cpp:function:: Protocol_Version pref_version() const - - Return the protocol version we would prefer to negotiate. This is - the version that clients will offer to servers. - - Default: TLS v1.2 - .. cpp:function:: bool acceptable_protocol_version(Protocol_Version version) Return true if this version of the protocol is one that we are @@ -663,3 +656,15 @@ The ``TLS::Protocol_Version`` class represents a specific version: Returns string description of the version, for instance "SSL v3", "TLS v1.1", or "DTLS v1.0". + + .. cpp:function:: static Protocol_Version latest_tls_version() + + Returns the latest version of the TLS protocol known the the library + (currently TLS v1.2) + + .. cpp:function:: static Protocol_Version latest_dtls_version() + + Returns the latest version of the DTLS protocol known the the + library (currently DTLS v1.2) + + diff --git a/src/tls/tls_client.cpp b/src/tls/tls_client.cpp index 3793b7529..0e1d84bed 100644 --- a/src/tls/tls_client.cpp +++ b/src/tls/tls_client.cpp @@ -56,6 +56,7 @@ Client::Client(std::function<void (const byte[], size_t)> output_fn, const Policy& policy, RandomNumberGenerator& rng, const Server_Information& info, + const Protocol_Version offer_version, std::function<std::string (std::vector<std::string>)> next_protocol) : Channel(output_fn, proc_fn, handshake_fn, session_manager, rng), m_policy(policy), 
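Review bot: The definition still names the Server_Information parameter `info`, while this commit renames it to `server_info` in the declaration and its @param comment in src/tls/tls_client.h. Renaming it here too, `const Server_Information& server_info,`, keeps declaration and definition in step. Any use of `info` in the member initializer list, which is not fully visible in this hunk, would need the same rename. The constructor's signature starts before the hunk and its initializer list continues past it.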
@@ -64,9 +65,8 @@ Client::Client(std::function<void (const byte[], size_t)> output_fn, { const std::string srp_identifier = m_creds.srp_identifier("tls-client", m_info.hostname()); - const Protocol_Version version = m_policy.pref_version(); - Handshake_State& state = create_handshake_state(version); - send_client_hello(state, false, version, srp_identifier, next_protocol); + Handshake_State& state = create_handshake_state(offer_version); + send_client_hello(state, false, offer_version, srp_identifier, next_protocol); } Handshake_State* Client::new_handshake_state(Handshake_IO* io) diff --git a/src/tls/tls_client.h b/src/tls/tls_client.h index e42322f7d..b40896e94 100644 --- a/src/tls/tls_client.h +++ b/src/tls/tls_client.h @@ -39,7 +39,10 @@ class BOTAN_DLL Client : public Channel * * @param rng a random number generator * - * @param info is identifying information about the TLS server + * @param server_info is identifying information about the TLS server + * + * @param offer_version specifies which version we will offer + * to the TLS server. * * @param next_protocol allows the client to specify what the next * protocol will be. For more information read @@ -57,7 +60,8 @@ class BOTAN_DLL Client : public Channel Credentials_Manager& creds, const Policy& policy, RandomNumberGenerator& rng, - const Server_Information& info = Server_Information(), + const Server_Information& server_info = Server_Information(), + const Protocol_Version offer_version = Protocol_Version::latest_tls_version(), std::function<std::string (std::vector<std::string>)> next_protocol = std::function<std::string (std::vector<std::string>)>()); private: diff --git a/src/tls/tls_policy.cpp b/src/tls/tls_policy.cpp index b26bd4225..c76fe30a5 100644 --- a/src/tls/tls_policy.cpp +++ b/src/tls/tls_policy.cpp 
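Review bot: `offer_version` is passed straight to `create_handshake_state()` and `send_client_hello()` without being checked against `m_policy`, so a caller can now offer a version that `acceptable_protocol_version()` would reject. Before this change the offered version came from the policy object itself. A guard at the top of the constructor body would keep the offer and the policy consistent, e.g. `if(!m_policy.acceptable_protocol_version(offer_version)) throw std::invalid_argument("offer_version is not acceptable to the TLS policy");` (or the library's own argument exception). Whether a DTLS version should also be refused here cannot be judged from the hunk. The constructor's signature begins in the preceding hunk.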
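Review bot: The default `Protocol_Version::latest_tls_version()` quietly takes over from the `Policy::pref_version()` hook that this commit removes in src/tls/tls_policy.h. A Policy subclass that overrode that hook to pin the offered version will presumably still compile unless it is marked `override`, and the client will then offer the library's latest version instead. The @param text should say so, for example `* @param offer_version specifies which version we will offer to the TLS server; it replaces Policy::pref_version(), which is no longer consulted.` Inserting the parameter ahead of `next_protocol` also changes the positional argument order for callers that passed `next_protocol`. The constructor declaration starts outside the hunk.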
@@ -136,11 +136,6 @@ bool Policy::acceptable_protocol_version(Protocol_Version version) const version == Protocol_Version::TLS_V12); } -Protocol_Version Policy::pref_version() const - { - return Protocol_Version::TLS_V12; - } - namespace { class Ciphersuite_Preference_Ordering diff --git a/src/tls/tls_policy.h b/src/tls/tls_policy.h index 8b73fea9d..4379d9b0c 100644 --- a/src/tls/tls_policy.h +++ b/src/tls/tls_policy.h @@ -119,11 +119,6 @@ class BOTAN_DLL Policy */ virtual bool acceptable_protocol_version(Protocol_Version version) const; - /** - * @return the version we would prefer to negotiate - */ - virtual Protocol_Version pref_version() const; - virtual ~Policy() {} }; diff --git a/src/tls/tls_version.h b/src/tls/tls_version.h index 651eebafc..39712db27 100644 --- a/src/tls/tls_version.h +++ b/src/tls/tls_version.h @@ -31,6 +31,16 @@ class BOTAN_DLL Protocol_Version DTLS_V12 = 0xFEFD }; + static Protocol_Version latest_tls_version() + { + return Protocol_Version(TLS_V12); + } + + static Protocol_Version latest_dtls_version() + { + return Protocol_Version(DTLS_V12); + } + Protocol_Version() : m_version(0) {} /** |
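Review bot: `latest_tls_version()` and `latest_dtls_version()` are added to an exported class without doc comments, although the next member in the hunk opens with a `/**` block. Suggested: `/** @return the latest TLS version known to the library */` and `/** @return the latest DTLS version known to the library */`. A further comment should note that both functions must be updated whenever a newer enumerator is added to the version enum. The client's default offered version now depends on them.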