1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 06:17:35 +00:00

LibTLS: Make the TLS connection options user-configurable

The user may now request specific cipher suites, the use of SNI, and
whether we should validate certificates (not that we're doing a good job
of that).
This commit is contained in:
AnotherTest 2021-02-07 07:21:32 +03:30 committed by Andreas Kling
parent b5f24c84e4
commit 2020176f0f
7 changed files with 60 additions and 29 deletions

View file

@ -737,6 +737,9 @@ void TLSv12::set_root_certificates(Vector<Certificate> certificates)
bool Context::verify_chain() const
{
if (!options.validate_certificates)
return true;
const Vector<Certificate>* local_chain = nullptr;
if (is_server) {
dbgln("Unsupported: Server mode");
@ -813,10 +816,10 @@ Optional<size_t> TLSv12::verify_chain_and_get_matching_certificate(const StringV
return {};
}
TLSv12::TLSv12(Core::Object* parent, Version version)
TLSv12::TLSv12(Core::Object* parent, Options options)
: Core::Socket(Core::Socket::Type::TCP, parent)
{
m_context.version = version;
m_context.options = move(options);
m_context.is_server = false;
m_context.tls_buffer = ByteBuffer::create_uninitialized(0);
#ifdef SOCK_NONBLOCK