summaryrefslogtreecommitdiff
path: root/src/components/security_manager/src/ssl_context_impl.cc
diff options
context:
space:
mode:
authorJackLivio <jack@livio.io>2021-04-14 12:03:05 -0400
committerGitHub <noreply@github.com>2021-04-14 12:03:05 -0400
commit0a18698549da1b9f1e78cdc65d8708fc0a3fb59a (patch)
treed1edf191cd433ad81244b4bcc1e2cb8b9c585d29 /src/components/security_manager/src/ssl_context_impl.cc
parenta0e93bb70e0e3bce3b727e2fb06f39847d3b23bd (diff)
parent9fb349ea44547a05f812817c2221f88ef99f5a56 (diff)
downloadsdl_core-0a18698549da1b9f1e78cdc65d8708fc0a3fb59a.tar.gz
Merge pull request #3669 from smartdevicelink/release/7.1.0-RC17.1.0release/7.1.0
Release 7.1.0
Diffstat (limited to 'src/components/security_manager/src/ssl_context_impl.cc')
-rw-r--r--src/components/security_manager/src/ssl_context_impl.cc13
1 files changed, 7 insertions, 6 deletions
diff --git a/src/components/security_manager/src/ssl_context_impl.cc b/src/components/security_manager/src/ssl_context_impl.cc
index 5d151e854a..1c8b009097 100644
--- a/src/components/security_manager/src/ssl_context_impl.cc
+++ b/src/components/security_manager/src/ssl_context_impl.cc
@@ -131,6 +131,8 @@ CryptoManagerImpl::SSLContextImpl::create_max_block_sizes() {
rc.insert(std::make_pair("AES128-SHA", seed_sha_max_block_size));
rc.insert(
std::make_pair("AES256-GCM-SHA384", aes128_gcm_sha256_max_block_size));
+ rc.insert(std::make_pair("ECDHE-RSA-AES256-GCM-SHA384",
+ aes128_gcm_sha256_max_block_size));
rc.insert(std::make_pair("AES256-SHA256", aes128_sha256_max_block_size));
rc.insert(std::make_pair("AES256-SHA", seed_sha_max_block_size));
rc.insert(std::make_pair("CAMELLIA128-SHA", seed_sha_max_block_size));
@@ -522,16 +524,15 @@ bool CryptoManagerImpl::SSLContextImpl::Decrypt(const uint8_t* const in_data,
size_t CryptoManagerImpl::SSLContextImpl::get_max_block_size(size_t mtu) const {
SDL_LOG_AUTO_TRACE();
+ const auto max_allowed_block_size =
+ mtu > SSL3_RT_MAX_PLAIN_LENGTH ? SSL3_RT_MAX_PLAIN_LENGTH : mtu;
if (!max_block_size_) {
// FIXME(EZamakhov): add correct logics for TLS1/1.2/SSL3
// For SSL3.0 set temporary value 90, old TLS1.2 value is 29
- assert(mtu > 90);
- return mtu - 90;
+ assert(max_allowed_block_size > 90);
+ return max_allowed_block_size - 90;
}
- const auto max_allowed_block_size =
- mtu > SSL3_RT_MAX_PLAIN_LENGTH ? SSL3_RT_MAX_PLAIN_LENGTH : mtu;
-
return max_block_size_(max_allowed_block_size);
}
@@ -588,7 +589,7 @@ void CryptoManagerImpl::SSLContextImpl::ResetConnection() {
SSL_shutdown(connection_);
}
SDL_LOG_DEBUG("SSL connection recreation");
- SSL_CTX* ssl_context = connection_->ctx;
+ SSL_CTX* ssl_context = SSL_get_SSL_CTX(connection_);
SSL_free(connection_);
connection_ = SSL_new(ssl_context);
if (mode_ == SERVER) {
View Lorry Controller Status