Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space CCPPOBJ and version Publish

...

Using boost::asio library but specifying a deprecated hardcoded protocol.

Using a deprecated hardcoded protocol instead of negotiting would lock your application to a protocol that has known vulnerabilities or weaknesses.

Recommendation

Only use modern protocols such as TLS 1.2 or TLS 1.3.

Example

In the following example, the sslv2 protocol is specified. This protocol is out of date and its use is not recommended.

Print only
     1void useProtocol_bad()
     2{
     3    boost::asio::ssl::context ctx_sslv2(boost::asio::ssl::context::sslv2); // BAD: outdated protocol
     4
     5    // ...
     6}
Dont print
Code Block
languagecpp
themeEclipse
linenumberstrue

void useProtocol_bad()
{
	boost::asio::ssl::context ctx_sslv2(boost::asio::ssl::context::sslv2); // BAD: outdated protocol

	// ...
}

In the corrected example, the tlsv13 protocol is used instead.

Print only
     1void useProtocol_good()
     2{
     3    boost::asio::ssl::context cxt_tlsv13(boost::asio::ssl::context::tlsv13);
     4
     5    // ...
     6}
Dont print
Code Block
languagecpp
themeEclipse
linenumberstrue

void useProtocol_good()
{
	boost::asio::ssl::context cxt_tlsv13(boost::asio::ssl::context::tlsv13);

	// ...
}
References
Htmlcomment
hiddentrue
hashconfluence_uploader_hash:4fa60f7c962299a1c5c28faaa58a855dbb23c356e523b69bd1776a065bcdb5091a8aecebde5f4d3f