From 5313880261fe271ac5b334ccacf92d6253efaf3d Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Tue, 25 Mar 2014 10:19:41 +0100 Subject: tls: Support a null encryption flag on TLS socket abstraction --- src/libtls/tls_socket.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) (limited to 'src/libtls/tls_socket.c') diff --git a/src/libtls/tls_socket.c b/src/libtls/tls_socket.c index 19232750b..4b18fa60e 100644 --- a/src/libtls/tls_socket.c +++ b/src/libtls/tls_socket.c @@ -406,9 +406,11 @@ METHOD(tls_socket_t, destroy, void, * See header */ tls_socket_t *tls_socket_create(bool is_server, identification_t *server, - identification_t *peer, int fd, tls_cache_t *cache) + identification_t *peer, int fd, tls_cache_t *cache, + bool nullok) { private_tls_socket_t *this; + tls_purpose_t purpose; INIT(this, .public = { @@ -430,7 +432,16 @@ tls_socket_t *tls_socket_create(bool is_server, identification_t *server, .fd = fd, ); - this->tls = tls_create(is_server, server, peer, TLS_PURPOSE_GENERIC, + if (nullok) + { + purpose = TLS_PURPOSE_GENERIC_NULLOK; + } + else + { + purpose = TLS_PURPOSE_GENERIC; + } + + this->tls = tls_create(is_server, server, peer, purpose, &this->app.application, cache); if (!this->tls) { -- cgit v1.2.3 From e15f64cc81818f3769b91b2372559a64f0b92b7b Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Tue, 25 Mar 2014 10:12:51 +0100 Subject: tls: Support a maximum TLS version to negotiate using TLS socket abstraction --- src/libtls/tls_socket.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'src/libtls/tls_socket.c') diff --git a/src/libtls/tls_socket.c b/src/libtls/tls_socket.c index 4b18fa60e..648771e75 100644 --- a/src/libtls/tls_socket.c +++ b/src/libtls/tls_socket.c 
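Review bot: In the second hunk of the first commit, the `nullok` branch selects `TLS_PURPOSE_GENERIC_NULLOK` with no comment, so a reader of `tls_socket_create()` cannot tell that this weakens the socket's confidentiality guarantee. Judging by the commit subject and the enum name, it lets the handshake accept NULL-encryption suites, in which case application data may travel unencrypted. I would put `/* nullok: also accept NULL encryption suites, payload may be sent in cleartext */` above the selection and shorten the if/else to `purpose = nullok ? TLS_PURPOSE_GENERIC_NULLOK : TLS_PURPOSE_GENERIC;`. The signature in the first hunk now has a plain `bool` at both ends (`is_server`, `nullok`), so a misplaced literal compiles cleanly; the header documentation (not shown here) should say callers pass FALSE unless cleartext is acceptable. The function body starts and ends outside both hunks.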
@@ -407,7 +407,7 @@ METHOD(tls_socket_t, destroy, void, */ tls_socket_t *tls_socket_create(bool is_server, identification_t *server, identification_t *peer, int fd, tls_cache_t *cache, - bool nullok) + tls_version_t max_version, bool nullok) { private_tls_socket_t *this; tls_purpose_t purpose; @@ -448,6 +448,7 @@ tls_socket_t *tls_socket_create(bool is_server, identification_t *server, free(this); return NULL; } + this->tls->set_version(this->tls, max_version); return &this->public; } -- cgit v1.2.3
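Review bot: The added `this->tls->set_version(this->tls, max_version);` in the second hunk ignores the outcome of the call, so a `max_version` that the TLS stack does not accept would leave the socket on its default version range while the caller believes the cap is in force. The declaration of `set_version` is not part of this diff; if it returns a success flag, the call should fail closed the same way the `!this->tls` check directly above does, except that the TLS object exists by then and has to be destroyed as well. The first hunk also inserts `max_version` ahead of the existing `nullok` argument, so any caller not updated in the same change would pass its old boolean in the version slot; the diffstat shown is limited to this file, so that cannot be confirmed here. The function body starts outside both hunks.

```c
	/* … unchanged: tls_create() call and its NULL check … */
	if (!this->tls->set_version(this->tls, max_version))
	{
		/* fail closed: never return a socket whose version cap was not applied */
		this->tls->destroy(this->tls);
		free(this);
		return NULL;
	}
	return &this->public;
```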