summaryrefslogtreecommitdiffstats
path: root/src/tls.h
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-06-11 16:46:30 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-06-11 16:46:30 +0000
commit8e1187a02b785e56d798660a9a292ca385e1f6aa (patch)
treeb035593aa2ae37c25aeb28b537a3223c52532ab1 /src/tls.h
parentAdding upstream version 1.61.0. (diff)
downloadnghttp2-8e1187a02b785e56d798660a9a292ca385e1f6aa.tar.xz
nghttp2-8e1187a02b785e56d798660a9a292ca385e1f6aa.zip
Adding upstream version 1.62.1.upstream/1.62.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--src/tls.h12
1 files changed, 8 insertions, 4 deletions
diff --git a/src/tls.h b/src/tls.h
index c5fda32..b969af7 100644
--- a/src/tls.h
+++ b/src/tls.h
@@ -28,11 +28,14 @@
#include "nghttp2_config.h"
#include <cinttypes>
+#include <string_view>
#include <openssl/ssl.h>
#include "ssl_compat.h"
+using namespace std::literals;
+
namespace nghttp2 {
namespace tls {
@@ -41,19 +44,20 @@ namespace tls {
// suites for TLSv1.2 by mozilla.
//
// https://wiki.mozilla.org/Security/Server_Side_TLS
-constexpr char DEFAULT_CIPHER_LIST[] =
+constexpr auto DEFAULT_CIPHER_LIST =
"ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-"
"AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-"
"POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-"
- "AES256-GCM-SHA384";
+ "AES256-GCM-SHA384"sv;
// Recommended general purpose "Modern compatibility" cipher suites
// for TLSv1.3 by mozilla.
//
// https://wiki.mozilla.org/Security/Server_Side_TLS
-constexpr char DEFAULT_TLS13_CIPHER_LIST[] =
+constexpr auto DEFAULT_TLS13_CIPHER_LIST =
#if defined(NGHTTP2_GENUINE_OPENSSL) || defined(NGHTTP2_OPENSSL_IS_LIBRESSL)
- "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256"
+ "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:"
+ "TLS_CHACHA20_POLY1305_SHA256"sv
#else // !NGHTTP2_GENUINE_OPENSSL && !NGHTTP2_OPENSSL_IS_LIBRESSL
""
#endif // !NGHTTP2_GENUINE_OPENSSL && !NGHTTP2_OPENSSL_IS_LIBRESSL