diff ui/downloader.cpp @ 990:2949f1842955

(issue90) Add possibility to force cipher suites in bare connection and test for this
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 01 Sep 2014 12:04:11 +0200
parents 879a634d0a40
children 515345358b71
--- a/ui/downloader.cpp	Fri Aug 29 19:18:31 2014 +0200
+++ b/ui/downloader.cpp	Mon Sep 01 12:04:11 2014 +0200
@@ -25,6 +25,7 @@
 #include <polarssl/ctr_drbg.h>
 #include <polarssl/error.h>
 #include <polarssl/certs.h>
+#include <polarssl/ssl_ciphersuites.h>
 
 #define MAX_SW_SIZE 15728640
 #define MAX_LIST_SIZE 1048576
@@ -35,6 +36,25 @@
 #include "sslconnection_bare.h"
 #endif
 
+#ifdef RELEASE_BUILD
+static int accept_ciphers[] = {
+    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
+    TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+    TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
+    0
+};
+#else
+static int accept_ciphers[] = {
+    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
+    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+    TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
+    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
+    TLS_RSA_WITH_AES_256_CBC_SHA,
+    0
+};
+#endif
+
 Downloader::Downloader(QObject* parent, const QString& url,
                        const QByteArray& certificate,
                        const QDateTime& newestSW,
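Review bot: The restricted list is chosen only when `RELEASE_BUILD` is defined, so a shipped build that misses that define silently gets the wider `#else` list, which includes `TLS_RSA_WITH_AES_256_CBC_SHA` (static RSA key exchange, no forward secrecy) and SHA-1 CBC suites. Making the restricted list the default and gating the relaxed one behind an explicit test-only define would fail safe. A short comment above the arrays should say that they are zero-terminated and why the non-release list is wider, since the reason is not visible in this hunk. The hunk ends inside the Downloader constructor signature, so the rest of the constructor is not covered by this note.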
@@ -66,13 +86,17 @@
 #else
     mSSLConnection = new SSLConnectionBare(url, certificate);
 #endif
+    setCiphersuites(accept_ciphers);
 }
 
-
 Downloader::~Downloader() {
     delete mSSLConnection;
 }
 
+void Downloader::setCiphersuites(int suites[]) {
+    mSSLConnection->setCiphersuites(suites);
+}
+
 QString Downloader::getDataDirectory()
 {
     QString candidate =
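Review bot: `Downloader::setCiphersuites(int suites[])` forwards a bare pointer with no length, so the requirements that the array is zero-terminated and stays valid while the connection uses it are not stated anywhere. The body of `mSSLConnection->setCiphersuites` is not visible here, but if it keeps the pointer rather than copying (as PolarSSL's `ssl_set_ciphersuites` does), a caller passing a temporary array would leave the TLS setup reading dead memory. Declaring the parameter as `const int *suites` and adding `/* suites: zero-terminated, must outlive the connection */` would make the contract explicit and let `accept_ciphers` become `static const`. The constructor call sits after the `#endif`, so it applies to whichever connection class was compiled in; it is worth confirming that the non-bare class actually enforces the list. getDataDirectory continues past the end of the hunk.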

http://wald.intevation.org/projects/trustbridge/