diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-06-11 16:46:30 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-06-11 16:46:30 +0000 |
| commit | 8e1187a02b785e56d798660a9a292ca385e1f6aa (patch) | |
| tree | b035593aa2ae37c25aeb28b537a3223c52532ab1 /src/tls.h | |
| parent | Adding upstream version 1.61.0. (diff) | |
| download | nghttp2-8e1187a02b785e56d798660a9a292ca385e1f6aa.tar.xz nghttp2-8e1187a02b785e56d798660a9a292ca385e1f6aa.zip | |
Adding upstream version 1.62.1.upstream/1.62.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/tls.h')
| -rw-r--r-- | src/tls.h | 12 |
1 files changed, 8 insertions, 4 deletions
@@ -28,11 +28,14 @@ #include "nghttp2_config.h" #include <cinttypes> +#include <string_view> #include <openssl/ssl.h> #include "ssl_compat.h" +using namespace std::literals; + namespace nghttp2 { namespace tls { @@ -41,19 +44,20 @@ namespace tls { // suites for TLSv1.2 by mozilla. // // https://wiki.mozilla.org/Security/Server_Side_TLS -constexpr char DEFAULT_CIPHER_LIST[] = +constexpr auto DEFAULT_CIPHER_LIST = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-" "AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-" "POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-" - "AES256-GCM-SHA384"; + "AES256-GCM-SHA384"sv; // Recommended general purpose "Modern compatibility" cipher suites // for TLSv1.3 by mozilla. // // https://wiki.mozilla.org/Security/Server_Side_TLS -constexpr char DEFAULT_TLS13_CIPHER_LIST[] = +constexpr auto DEFAULT_TLS13_CIPHER_LIST = #if defined(NGHTTP2_GENUINE_OPENSSL) || defined(NGHTTP2_OPENSSL_IS_LIBRESSL) - "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256" + "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:" + "TLS_CHACHA20_POLY1305_SHA256"sv #else // !NGHTTP2_GENUINE_OPENSSL && !NGHTTP2_OPENSSL_IS_LIBRESSL "" #endif // !NGHTTP2_GENUINE_OPENSSL && !NGHTTP2_OPENSSL_IS_LIBRESSL |