-rw-r--r--doc/tls.rst19
-rw-r--r--src/tls/tls_client.cpp6
-rw-r--r--src/tls/tls_client.h8
-rw-r--r--src/tls/tls_policy.cpp5
-rw-r--r--src/tls/tls_policy.h5
-rw-r--r--src/tls/tls_version.h10
6 files changed, 31 insertions, 22 deletions
diff --git a/doc/tls.rst b/doc/tls.rst
index 18af678b9..470405185 100644
--- a/doc/tls.rst
+++ b/doc/tls.rst
@@ -435,13 +435,6 @@ be negotiated during a handshake.
.. cpp:class:: TLS::Policy
- .. cpp:function:: Protocol_Version pref_version() const
-
- Return the protocol version we would prefer to negotiate. This is
- the version that clients will offer to servers.
-
- Default: TLS v1.2
-
.. cpp:function:: bool acceptable_protocol_version(Protocol_Version version)
Return true if this version of the protocol is one that we are
@@ -663,3 +656,15 @@ The ``TLS::Protocol_Version`` class represents a specific version:
Returns string description of the version, for instance "SSL v3",
"TLS v1.1", or "DTLS v1.0".
+
+ .. cpp:function:: static Protocol_Version latest_tls_version()
+
+ Returns the latest version of the TLS protocol known the the library
+ (currently TLS v1.2)
+
+ .. cpp:function:: static Protocol_Version latest_dtls_version()
+
+ Returns the latest version of the DTLS protocol known the the
+ library (currently DTLS v1.2)
+
+
diff --git a/src/tls/tls_client.cpp b/src/tls/tls_client.cpp
index 3793b7529..0e1d84bed 100644
--- a/src/tls/tls_client.cpp
+++ b/src/tls/tls_client.cpp
@@ -56,6 +56,7 @@ Client::Client(std::function<void (const byte[], size_t)> output_fn,
const Policy& policy,
RandomNumberGenerator& rng,
const Server_Information& info,
+ const Protocol_Version offer_version,
std::function<std::string (std::vector<std::string>)> next_protocol) :
Channel(output_fn, proc_fn, handshake_fn, session_manager, rng),
m_policy(policy),
@@ -64,9 +65,8 @@ Client::Client(std::function<void (const byte[], size_t)> output_fn,
{
const std::string srp_identifier = m_creds.srp_identifier("tls-client", m_info.hostname());
- const Protocol_Version version = m_policy.pref_version();
- Handshake_State& state = create_handshake_state(version);
- send_client_hello(state, false, version, srp_identifier, next_protocol);
+ Handshake_State& state = create_handshake_state(offer_version);
+ send_client_hello(state, false, offer_version, srp_identifier, next_protocol);
}
Handshake_State* Client::new_handshake_state(Handshake_IO* io)
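Review bot: The constructor now hands the caller-supplied `offer_version` straight to `create_handshake_state` and `send_client_hello` without asking the policy whether that version is allowed. Before this change the offered version came from `m_policy.pref_version()`, so the policy object alone decided it. Now a caller can offer a version that `acceptable_protocol_version` would reject, and whether that is caught later depends on code outside this hunk. Consider a guard before the handshake state is created, e.g. `if(!m_policy.acceptable_protocol_version(offer_version)) throw Invalid_Argument("TLS::Client: offer_version is not acceptable to the policy");`. The constructor's signature and initializer list begin above this hunk.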
diff --git a/src/tls/tls_client.h b/src/tls/tls_client.h
index e42322f7d..b40896e94 100644
--- a/src/tls/tls_client.h
+++ b/src/tls/tls_client.h
@@ -39,7 +39,10 @@ class BOTAN_DLL Client : public Channel
*
* @param rng a random number generator
*
- * @param info is identifying information about the TLS server
+ * @param server_info is identifying information about the TLS server
+ *
+ * @param offer_version specifies which version we will offer
+ * to the TLS server.
*
* @param next_protocol allows the client to specify what the next
* protocol will be. For more information read
@@ -57,7 +60,8 @@ class BOTAN_DLL Client : public Channel
Credentials_Manager& creds,
const Policy& policy,
RandomNumberGenerator& rng,
- const Server_Information& info = Server_Information(),
+ const Server_Information& server_info = Server_Information(),
+ const Protocol_Version offer_version = Protocol_Version::latest_tls_version(),
std::function<std::string (std::vector<std::string>)> next_protocol =
std::function<std::string (std::vector<std::string>)>());
private:
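Review bot: The new default `offer_version = Protocol_Version::latest_tls_version()` silently changes behaviour for applications that chose the offered version by overriding `Policy::pref_version()`. This commit removes that virtual from tls_policy.h, so an override not marked `override` still compiles but is never called. The `@param offer_version` text in the preceding hunk should say so, for example `@param offer_version the version offered in the client hello; replaces Policy::pref_version(), which is no longer consulted`. Separately, the parameter is renamed to `server_info` here while the definition in tls_client.cpp still names it `info`, and the top-level `const` on a by-value parameter has no effect in a declaration. The constructor declaration begins above this hunk.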
diff --git a/src/tls/tls_policy.cpp b/src/tls/tls_policy.cpp
index b26bd4225..c76fe30a5 100644
--- a/src/tls/tls_policy.cpp
+++ b/src/tls/tls_policy.cpp
@@ -136,11 +136,6 @@ bool Policy::acceptable_protocol_version(Protocol_Version version) const
version == Protocol_Version::TLS_V12);
}
-Protocol_Version Policy::pref_version() const
- {
- return Protocol_Version::TLS_V12;
- }
-
namespace {
class Ciphersuite_Preference_Ordering
diff --git a/src/tls/tls_policy.h b/src/tls/tls_policy.h
index 8b73fea9d..4379d9b0c 100644
--- a/src/tls/tls_policy.h
+++ b/src/tls/tls_policy.h
@@ -119,11 +119,6 @@ class BOTAN_DLL Policy
*/
virtual bool acceptable_protocol_version(Protocol_Version version) const;
- /**
- * @return the version we would prefer to negotiate
- */
- virtual Protocol_Version pref_version() const;
-
virtual ~Policy() {}
};
diff --git a/src/tls/tls_version.h b/src/tls/tls_version.h
index 651eebafc..39712db27 100644
--- a/src/tls/tls_version.h
+++ b/src/tls/tls_version.h
@@ -31,6 +31,16 @@ class BOTAN_DLL Protocol_Version
DTLS_V12 = 0xFEFD
};
+ static Protocol_Version latest_tls_version()
+ {
+ return Protocol_Version(TLS_V12);
+ }
+
+ static Protocol_Version latest_dtls_version()
+ {
+ return Protocol_Version(DTLS_V12);
+ }
+
Protocol_Version() : m_version(0) {}
/**
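Review bot: `latest_tls_version()` and `latest_dtls_version()` are added to a `BOTAN_DLL` class without the `/** ... */` documentation comments this header appears to use for its other members. The client constructor's default argument now depends on `latest_tls_version()`, so the comment should state that the result can change when the library learns a newer protocol version. For example, `/** @return the latest TLS version known to this build of the library; may change between releases */`, with a matching line for DTLS. The class body continues outside this hunk.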