Skip to content

Commit

Permalink
Remove TLS v1.0-v1.1 support, use v1.2 by default
Browse files Browse the repository at this point in the history
  • Loading branch information
@abitmore
abitmore authored Jul 24, 2020
1 parent 3bc5a46 commit ed411d2
Showing 1 changed file with 5 additions and 1 deletion.
6 changes: 5 additions & 1 deletion src/network/http/websocket.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -424,6 +424,8 @@ namespace fc { namespace http {
ctx->set_options( boost::asio::ssl::context::default_workarounds |
boost::asio::ssl::context::no_sslv2 |
boost::asio::ssl::context::no_sslv3 |
boost::asio::ssl::context::no_tlsv1 |
boost::asio::ssl::context::no_tlsv1_1 |
boost::asio::ssl::context::single_dh_use );
ctx->set_password_callback(
[ssl_password](std::size_t max_length, boost::asio::ssl::context::password_purpose){
Expand Down Expand Up @@ -582,11 +584,13 @@ namespace fc { namespace http {

_client.set_tls_init_handler( [this,ca_filename_copy](websocketpp::connection_hdl) {
context_ptr ctx = websocketpp::lib::make_shared<boost::asio::ssl::context>(
boost::asio::ssl::context::tlsv1);
boost::asio::ssl::context::tlsv12);
try {
ctx->set_options( boost::asio::ssl::context::default_workarounds |
boost::asio::ssl::context::no_sslv2 |
boost::asio::ssl::context::no_sslv3 |
boost::asio::ssl::context::no_tlsv1 |
boost::asio::ssl::context::no_tlsv1_1 |
boost::asio::ssl::context::single_dh_use );

setup_peer_verify( ctx, ca_filename_copy );
Expand Down

0 comments on commit ed411d2

Please sign in to comment.