diff options
Diffstat (limited to 'cpp/src/IceSSL/SChannelEngine.cpp')
| -rw-r--r-- | cpp/src/IceSSL/SChannelEngine.cpp | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/cpp/src/IceSSL/SChannelEngine.cpp b/cpp/src/IceSSL/SChannelEngine.cpp index f5bdb3fbd6b..f4a5ce68e6d 100644 --- a/cpp/src/IceSSL/SChannelEngine.cpp +++ b/cpp/src/IceSSL/SChannelEngine.cpp @@ -564,7 +564,8 @@ algorithmId(const string& name) SChannel::SSLEngine::SSLEngine(const CommunicatorPtr& communicator) : IceSSL::SSLEngine(communicator), _rootStore(0), - _chainEngine(0) + _chainEngine(0), + _strongCrypto(false) { } @@ -593,6 +594,8 @@ SChannel::SSLEngine::initialize() const_cast<DWORD&>(_protocols) = parseProtocols(properties->getPropertyAsListWithDefault(prefix + "Protocols", defaultProtocols)); + const_cast<bool&>(_strongCrypto) = properties->getPropertyAsIntWithDefault(prefix + "SchannelStrongCrypto", 0) > 0; + // // Check for a default directory. We look in this directory for // files mentioned in the configuration. @@ -1129,6 +1132,11 @@ SChannel::SSLEngine::newCredentialsHandle(bool incoming) cred.dwFlags = SCH_CRED_MANUAL_CRED_VALIDATION | SCH_CRED_NO_SERVERNAME_CHECK | SCH_CRED_NO_DEFAULT_CREDS; } + if(_strongCrypto) + { + cred.dwFlags |= SCH_USE_STRONG_CRYPTO; + } + if(!_ciphers.empty()) { cred.cSupportedAlgs = static_cast<DWORD>(_ciphers.size()); |