comparison ui/downloader.cpp @ 990:2949f1842955

(issue90) Add possibility to force cipher suites in bare connection and test for this
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 01 Sep 2014 12:04:11 +0200
parents 879a634d0a40
children 515345358b71
comparison
equal deleted inserted replaced
989:1cd1bfe82fc2 990:2949f1842955
23 #include <polarssl/ssl.h> 23 #include <polarssl/ssl.h>
24 #include <polarssl/entropy.h> 24 #include <polarssl/entropy.h>
25 #include <polarssl/ctr_drbg.h> 25 #include <polarssl/ctr_drbg.h>
26 #include <polarssl/error.h> 26 #include <polarssl/error.h>
27 #include <polarssl/certs.h> 27 #include <polarssl/certs.h>
28 #include <polarssl/ssl_ciphersuites.h>
28 29
29 #define MAX_SW_SIZE 15728640 30 #define MAX_SW_SIZE 15728640
30 #define MAX_LIST_SIZE 1048576 31 #define MAX_LIST_SIZE 1048576
31 32
32 #ifdef USE_CURL 33 #ifdef USE_CURL
33 #include "sslconnection_curl.h" 34 #include "sslconnection_curl.h"
34 #else 35 #else
35 #include "sslconnection_bare.h" 36 #include "sslconnection_bare.h"
37 #endif
38
39 #ifdef RELEASE_BUILD
40 static int accept_ciphers[] = {
41 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
42 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
43 TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
44 0
45 };
46 #else
47 static int accept_ciphers[] = {
48 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
49 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
50 TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
51 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
52 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
53 TLS_RSA_WITH_AES_256_CBC_SHA,
54 0
55 };
36 #endif 56 #endif
37 57
38 Downloader::Downloader(QObject* parent, const QString& url, 58 Downloader::Downloader(QObject* parent, const QString& url,
39 const QByteArray& certificate, 59 const QByteArray& certificate,
40 const QDateTime& newestSW, 60 const QDateTime& newestSW,
64 mSSLConnection->setProxy(QUrl(settingsProxy)); 84 mSSLConnection->setProxy(QUrl(settingsProxy));
65 } 85 }
66 #else 86 #else
67 mSSLConnection = new SSLConnectionBare(url, certificate); 87 mSSLConnection = new SSLConnectionBare(url, certificate);
68 #endif 88 #endif
69 } 89 setCiphersuites(accept_ciphers);
70 90 }
71 91
72 Downloader::~Downloader() { 92 Downloader::~Downloader() {
73 delete mSSLConnection; 93 delete mSSLConnection;
94 }
95
96 void Downloader::setCiphersuites(int suites[]) {
97 mSSLConnection->setCiphersuites(suites);
74 } 98 }
75 99
76 QString Downloader::getDataDirectory() 100 QString Downloader::getDataDirectory()
77 { 101 {
78 QString candidate = 102 QString candidate =

http://wald.intevation.org/projects/trustbridge/