diff options
Diffstat (limited to '')
-rw-r--r-- | src/tls.h | 12 |
1 files changed, 8 insertions, 4 deletions
@@ -28,11 +28,14 @@ #include "nghttp2_config.h" #include <cinttypes> +#include <string_view> #include <openssl/ssl.h> #include "ssl_compat.h" +using namespace std::literals; + namespace nghttp2 { namespace tls { @@ -41,19 +44,20 @@ namespace tls { // suites for TLSv1.2 by mozilla. // // https://wiki.mozilla.org/Security/Server_Side_TLS -constexpr char DEFAULT_CIPHER_LIST[] = +constexpr auto DEFAULT_CIPHER_LIST = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-" "AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-" "POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-" - "AES256-GCM-SHA384"; + "AES256-GCM-SHA384"sv; // Recommended general purpose "Modern compatibility" cipher suites // for TLSv1.3 by mozilla. // // https://wiki.mozilla.org/Security/Server_Side_TLS -constexpr char DEFAULT_TLS13_CIPHER_LIST[] = +constexpr auto DEFAULT_TLS13_CIPHER_LIST = #if defined(NGHTTP2_GENUINE_OPENSSL) || defined(NGHTTP2_OPENSSL_IS_LIBRESSL) - "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256" + "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:" + "TLS_CHACHA20_POLY1305_SHA256"sv #else // !NGHTTP2_GENUINE_OPENSSL && !NGHTTP2_OPENSSL_IS_LIBRESSL "" #endif // !NGHTTP2_GENUINE_OPENSSL && !NGHTTP2_OPENSSL_IS_LIBRESSL |