summaryrefslogtreecommitdiff
path: root/lib/server/ServerTLS.h
diff options
context:
space:
mode:
Diffstat (limited to 'lib/server/ServerTLS.h')
-rw-r--r--lib/server/ServerTLS.h9
1 files changed, 8 insertions, 1 deletions
diff --git a/lib/server/ServerTLS.h b/lib/server/ServerTLS.h
index f748f4b2..6b53e860 100644
--- a/lib/server/ServerTLS.h
+++ b/lib/server/ServerTLS.h
@@ -10,6 +10,7 @@
#ifndef SERVERTLS__H
#define SERVERTLS__H
+#include "BoxPortsAndFiles.h"
#include "ServerStream.h"
#include "SocketStreamTLS.h"
#include "SSLLib.h"
@@ -52,8 +53,12 @@ public:
std::string certFile(serverconf.GetKeyValue("CertificateFile"));
std::string keyFile(serverconf.GetKeyValue("PrivateKeyFile"));
std::string caFile(serverconf.GetKeyValue("TrustedCAsFile"));
+
+ int ssl_security_level(serverconf.GetKeyValueInt("SSLSecurityLevel",
+ BOX_DEFAULT_SSL_SECURITY_LEVEL));
+
mContext.Initialise(true /* as server */, certFile.c_str(),
- keyFile.c_str(), caFile.c_str());
+ keyFile.c_str(), caFile.c_str(), ssl_security_level);
// Then do normal stream server stuff
ServerStream<SocketStreamTLS, Port, ListenBacklog,
@@ -75,6 +80,8 @@ private:
ConfigurationVerifyKey("CertificateFile", ConfigTest_Exists), \
ConfigurationVerifyKey("PrivateKeyFile", ConfigTest_Exists), \
ConfigurationVerifyKey("TrustedCAsFile", ConfigTest_Exists), \
+ ConfigurationVerifyKey("SSLSecurityLevel", ConfigTest_IsInt, \
+ BOX_DEFAULT_SSL_SECURITY_LEVEL), \
SERVERSTREAM_VERIFY_SERVER_KEYS(DEFAULT_ADDRESSES)
#endif // SERVERTLS__H
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-26 23:31:00 +0000