#7609 closed Patches (fixed)
Add support for TLS 1.1 and TLS 1.2 to boost::asio::ssl
Reported by: | Owned by: | chris_kohlhoff | |
---|---|---|---|
Milestone: | To Be Determined | Component: | asio |
Version: | Boost Development Trunk | Severity: | Optimization |
Keywords: | SSL, TLS | Cc: |
Description
boost::asio::ssl is based on OpenSSL library. Boost allow to create ssl::stream that will be using SSL or TLS 1.0, but OpenSSL supports also TLS 1.1 and TLS 1.2 and all that is missing from asio::ssl are several constants. Here is a simple patch that enabled TLS 1.1 and 1.2 client and server modes.
+++ asio/ssl/context_base.hpp 2012-10-30 18:29:03.892959799 +0200 @@ -57,9 +58,21 @@ public: /// TLS version 1 client. tlsv1_client, + /// TLS version 1.1 client. + tlsv1_1_client, + + /// TLS version 1.2 client. + tlsv1_2_client, + /// TLS version 1 server. tlsv1_server, + /// TLS version 1.1 server. + tlsv1_1_server, + + /// TLS version 1.2 server. + tlsv1_2_server, + /// Generic SSL/TLS. sslv23,
+++ asio/ssl/impl/context.ipp 2012-10-30 18:03:44.036986053 +0200 @@ -72,9 +72,21 @@ context::context(context::method m) case context::tlsv1_client: handle_ = ::SSL_CTX_new(::TLSv1_client_method()); break; + case context::tlsv1_1_client: + handle_ = ::SSL_CTX_new(::TLSv1_1_client_method()); + break; + case context::tlsv1_2_client: + handle_ = ::SSL_CTX_new(::TLSv1_2_client_method()); + break; case context::tlsv1_server: handle_ = ::SSL_CTX_new(::TLSv1_server_method()); break; + case context::tlsv1_1_server: + handle_ = ::SSL_CTX_new(::TLSv1_1_server_method()); + break; + case context::tlsv1_2_server: + handle_ = ::SSL_CTX_new(::TLSv1_2_server_method()); + break; case context::sslv23: handle_ = ::SSL_CTX_new(::SSLv23_method()); break; @@ -475,6 +487,36 @@ int context::verify_callback_function(in return 0; }
+++ asio/ssl/old/detail/openssl_context_service.hpp 2012-10-30 18:20:34.328968995 +0200 @@ -100,9 +101,21 @@ public: case context_base::tlsv1_client: impl = ::SSL_CTX_new(::TLSv1_client_method()); break; + case context_base::tlsv1_1_client: + impl = ::SSL_CTX_new(::TLSv1_1_client_method()); + break; + case context_base::tlsv1_2_client: + impl = ::SSL_CTX_new(::TLSv1_2_client_method()); + break; case context_base::tlsv1_server: impl = ::SSL_CTX_new(::TLSv1_server_method()); break; + case context_base::tlsv1_1_server: + impl = ::SSL_CTX_new(::TLSv1_1_server_method()); + break; + case context_base::tlsv1_2_server: + impl = ::SSL_CTX_new(::TLSv1_2_server_method()); + break; case context_base::sslv23: impl = ::SSL_CTX_new(::SSLv23_method()); break;
Change History (2)
comment:1 by , 9 years ago
Resolution: | → fixed |
---|---|
Status: | new → closed |
comment:2 by , 9 years ago
Using tlsv1_2_server will work with SSL clients ? Is it similar to 'sslv23' which understands SSLv2, SSLv3 and TLSv1 ?
Note:
See TracTickets
for help on using tickets.
Fixed on trunk in [84320].
Merged to release in [84388].