diff options
author | jacobkeeler <jacob.keeler@livioradio.com> | 2021-03-31 16:58:25 -0400 |
---|---|---|
committer | jacobkeeler <jacob.keeler@livioradio.com> | 2021-03-31 16:58:25 -0400 |
commit | d15699769133b7ef27d1306702d0fc9e64c2a084 (patch) | |
tree | a0b237ba00dc20bb2fc5394e1885d1f9d7814ec6 | |
parent | 40cf3dc7afdab7384c7a0f43336c7a88665db240 (diff) | |
download | sdl_core-fix/add_configurable_security_level.tar.gz |
Add configurable security level to Crypto Managerfix/add_configurable_security_level
-rw-r--r-- | src/components/security_manager/src/crypto_manager_impl.cc | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/components/security_manager/src/crypto_manager_impl.cc b/src/components/security_manager/src/crypto_manager_impl.cc index 53c61401c3..833fc4da0e 100644 --- a/src/components/security_manager/src/crypto_manager_impl.cc +++ b/src/components/security_manager/src/crypto_manager_impl.cc @@ -54,6 +54,10 @@ #define TLS1_1_MINIMAL_VERSION 0x1000103fL #define CONST_SSL_METHOD_MINIMAL_VERSION 0x00909000L +// Can be configured to have stricter requirements for SSL connections depending +// on your system's requirements +#define SECURITY_LEVEL 1 + namespace security_manager { SDL_CREATE_LOG_VARIABLE("SecurityManager") @@ -233,6 +237,7 @@ bool CryptoManagerImpl::Init() { // Disable SSL2 as deprecated // TLS 1.2 is the max supported TLS version for SDL SSL_CTX_set_options(context_, SSL_OP_NO_SSLv2); + SSL_CTX_set_security_level(context_, SECURITY_LEVEL); SaveCertificateData(get_settings().certificate_data()); |