efl net - adapt to openssl 1.1.0 changes with tls method support

author Carsten Haitzler (Rasterman) <raster@rasterman.com>

Fri, 15 Sep 2017 05:14:03 +0000 (14:14 +0900)

committer Carsten Haitzler (Rasterman) <raster@rasterman.com>

Fri, 15 Sep 2017 07:12:59 +0000 (16:12 +0900)
author Carsten Haitzler (Rasterman) <raster@rasterman.com>
Fri, 15 Sep 2017 05:14:03 +0000 (14:14 +0900)
committer Carsten Haitzler (Rasterman) <raster@rasterman.com>
Fri, 15 Sep 2017 07:12:59 +0000 (16:12 +0900)
diff --git a/src/lib/ecore_con/efl_net_ssl_ctx-openssl.c b/src/lib/ecore_con/efl_net_ssl_ctx-openssl.c

index ce87b91..0fef44e 100644 (file)
--- a/src/lib/ecore_con/efl_net_ssl_ctx-openssl.c
+++ b/src/lib/ecore_con/efl_net_ssl_ctx-openssl.c
@@ -269,7 +269,7 @@ efl_net_ssl_ctx_setup(Efl_Net_Ssl_Ctx *ctx, Efl_Net_Ssl_Ctx_Config cfg)
  #ifndef OPENSSL_NO_SSL3_METHOD
                ctx->ssl_ctx = SSL_CTX_new(SSLv3_client_method());
  #else
-              ERR("ssl_ctx=%p SSLv3 is disabled in your OpenSSL build", ctx);
+              ctx->ssl_ctx = SSL_CTX_new(SSLv23_client_method());
  #endif
                break;
  #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
@@ -282,6 +282,12 @@ efl_net_ssl_ctx_setup(Efl_Net_Ssl_Ctx *ctx, Efl_Net_Ssl_Ctx_Config cfg)
             case EFL_NET_SSL_CIPHER_TLSV1_2:
                ctx->ssl_ctx = SSL_CTX_new(TLSv1_2_client_method());
                break;
+#else
+           case EFL_NET_SSL_CIPHER_TLSV1:
+           case EFL_NET_SSL_CIPHER_TLSV1_1:
+           case EFL_NET_SSL_CIPHER_TLSV1_2:
+              ctx->ssl_ctx = SSL_CTX_new(TLS_client_method());
+              break;
  #endif
             default:
                ERR("ssl_ctx=%p unsupported cipher %d", ctx, cfg.cipher);
@@ -301,7 +307,7 @@ efl_net_ssl_ctx_setup(Efl_Net_Ssl_Ctx *ctx, Efl_Net_Ssl_Ctx_Config cfg)
  #ifndef OPENSSL_NO_SSL3_METHOD
                ctx->ssl_ctx = SSL_CTX_new(SSLv3_server_method());
  #else
-              ERR("ssl_ctx=%p SSLv3 is disabled in your OpenSSL build", ctx);
+              ctx->ssl_ctx = SSL_CTX_new(SSLv23_server_method());
  #endif
                break;
  #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
@@ -314,6 +320,12 @@ efl_net_ssl_ctx_setup(Efl_Net_Ssl_Ctx *ctx, Efl_Net_Ssl_Ctx_Config cfg)
             case EFL_NET_SSL_CIPHER_TLSV1_2:
                ctx->ssl_ctx = SSL_CTX_new(TLSv1_2_server_method());
                break;
+#else
+           case EFL_NET_SSL_CIPHER_TLSV1:
+           case EFL_NET_SSL_CIPHER_TLSV1_1:
+           case EFL_NET_SSL_CIPHER_TLSV1_2:
+              ctx->ssl_ctx = SSL_CTX_new(TLS_server_method());
+              break;
  #endif
             default:
                ERR("ssl_ctx=%p unsupported cipher %d", ctx, cfg.cipher);
author	Carsten Haitzler (Rasterman) <raster@rasterman.com>
	Fri, 15 Sep 2017 05:14:03 +0000 (14:14 +0900)
committer	Carsten Haitzler (Rasterman) <raster@rasterman.com>
	Fri, 15 Sep 2017 07:12:59 +0000 (16:12 +0900)