enabled TLS1.3 and disabled insecure ones

2021-02-11 19:39:11 +02:00 · 2021-02-11 19:39:11 +02:00 · fdc59f56b8
commit fdc59f56b8
parent 8399eacabf
2 changed files with 1 additions and 9 deletions
--- a/Cuipod/App.cs
+++ b/Cuipod/App.cs
@ -98,8 +98,7 @@ namespace Cuipod
        private Response ProcessRequest(SslStream sslStream)
        {
            sslStream.ReadTimeout = 5000;
-            sslStream.WriteTimeout = 5000;
-            sslStream.AuthenticateAsServer(_serverCertificate, false, SslProtocols.Tls | SslProtocols.Tls11 | SslProtocols.Tls12, false);
+            sslStream.AuthenticateAsServer(_serverCertificate, false, SslProtocols.Tls12 | SslProtocols.Tls13, false);

            // Read a message from the client.
            string rawURL = ReadRequest(sslStream);
@ -136,7 +135,6 @@ namespace Cuipod
                return response;
            }
            string domainName = url.Substring(0, domainNameDelimiter);
-            // TODO: validate domain name from cert?

            Request request = new Request("gemini://" + domainName , url.Substring(domainNameDelimiter));
            if (response.Status == StatusCode.Success)
--- a/Cuipod/Response.cs
+++ b/Cuipod/Response.cs
@ -37,11 +37,6 @@ namespace Cuipod
            _requestBody = hint + "\r\n";
        }

-        internal static string WriteHeader(StatusCode statusCode)
-        {
-            return ((int)statusCode).ToString() + " ";
-        }
-
        internal byte[] Encode()
        {
            string wholeResponse = ((int)Status).ToString() + " ";
@ -51,7 +46,6 @@ namespace Cuipod
            }

            wholeResponse += _requestBody;
-            Console.WriteLine(wholeResponse);
            return Encoding.UTF8.GetBytes(wholeResponse);
        }
    }