From 8c8045a6967a305d5345af71331ae9a7a128a46c Mon Sep 17 00:00:00 2001 From: eidheim Date: Tue, 13 Apr 2021 14:38:01 +0200 Subject: [PATCH] Client: enables TLS 1.3 --- client_https.hpp | 10 +++++++++- server_https.hpp | 2 +- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/client_https.hpp b/client_https.hpp index c6655f1..d0d2337 100644 --- a/client_https.hpp +++ b/client_https.hpp @@ -26,7 +26,15 @@ namespace SimpleWeb { */ Client(const std::string &server_port_path, bool verify_certificate = true, const std::string &certification_file = std::string(), const std::string &private_key_file = std::string(), const std::string &verify_file = std::string()) - : ClientBase::ClientBase(server_port_path, 443), context(asio::ssl::context::tlsv12) { + : ClientBase::ClientBase(server_port_path, 443), +#if(ASIO_STANDALONE && ASIO_VERSION >= 101300) || BOOST_ASIO_VERSION >= 101300 + context(asio::ssl::context::tls_client) { + // Disabling TLS 1.0 and 1.1 (see RFC 8996) + context.set_options(asio::ssl::context::no_tlsv1); + context.set_options(asio::ssl::context::no_tlsv1_1); +#else + context(asio::ssl::context::tlsv12) { +#endif if(certification_file.size() > 0 && private_key_file.size() > 0) { context.use_certificate_chain_file(certification_file); context.use_private_key_file(private_key_file, asio::ssl::context::pem); diff --git a/server_https.hpp b/server_https.hpp index c33d5b3..67b8491 100644 --- a/server_https.hpp +++ b/server_https.hpp @@ -31,7 +31,7 @@ namespace SimpleWeb { : ServerBase::ServerBase(443), #if(ASIO_STANDALONE && ASIO_VERSION >= 101300) || BOOST_ASIO_VERSION >= 101300 context(asio::ssl::context::tls_server) { - // Disabling SSL, TLS 1.0 and 1.1 (see RFC 8996) + // Disabling TLS 1.0 and 1.1 (see RFC 8996) context.set_options(asio::ssl::context::no_tlsv1); context.set_options(asio::ssl::context::no_tlsv1_1); #else