From: Carsten Haitzler (Rasterman) <raster@rasterman.com>
Date: Fri, 15 Sep 2017 05:14:03 +0000 (+0900)
Subject: efl net - adapt to openssl 1.1.0 changes with tls method support
X-Git-Tag: submit/sandbox/upgrade/efl120/20180319.053334~2660
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=f179d32157ca4bf006a287901834aa2d7c344dc5;p=platform%2Fupstream%2Fefl.git

efl net - adapt to openssl 1.1.0 changes with tls method support

support the tls methods if on openssl 1.1.0 so we don't get
"unsupported cipher" as it does support it just with a new api.

@fix
---

diff --git a/src/lib/ecore_con/efl_net_ssl_ctx-openssl.c b/src/lib/ecore_con/efl_net_ssl_ctx-openssl.c
index ce87b91..0fef44e 100644
--- a/src/lib/ecore_con/efl_net_ssl_ctx-openssl.c
+++ b/src/lib/ecore_con/efl_net_ssl_ctx-openssl.c
@@ -269,7 +269,7 @@ efl_net_ssl_ctx_setup(Efl_Net_Ssl_Ctx *ctx, Efl_Net_Ssl_Ctx_Config cfg)
 #ifndef OPENSSL_NO_SSL3_METHOD
               ctx->ssl_ctx = SSL_CTX_new(SSLv3_client_method());
 #else
-              ERR("ssl_ctx=%p SSLv3 is disabled in your OpenSSL build", ctx);
+              ctx->ssl_ctx = SSL_CTX_new(SSLv23_client_method());
 #endif
               break;
 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
@@ -282,6 +282,12 @@ efl_net_ssl_ctx_setup(Efl_Net_Ssl_Ctx *ctx, Efl_Net_Ssl_Ctx_Config cfg)
            case EFL_NET_SSL_CIPHER_TLSV1_2:
               ctx->ssl_ctx = SSL_CTX_new(TLSv1_2_client_method());
               break;
+#else
+           case EFL_NET_SSL_CIPHER_TLSV1:
+           case EFL_NET_SSL_CIPHER_TLSV1_1:
+           case EFL_NET_SSL_CIPHER_TLSV1_2:
+              ctx->ssl_ctx = SSL_CTX_new(TLS_client_method());
+              break;
 #endif
            default:
               ERR("ssl_ctx=%p unsupported cipher %d", ctx, cfg.cipher);
@@ -301,7 +307,7 @@ efl_net_ssl_ctx_setup(Efl_Net_Ssl_Ctx *ctx, Efl_Net_Ssl_Ctx_Config cfg)
 #ifndef OPENSSL_NO_SSL3_METHOD
               ctx->ssl_ctx = SSL_CTX_new(SSLv3_server_method());
 #else
-              ERR("ssl_ctx=%p SSLv3 is disabled in your OpenSSL build", ctx);
+              ctx->ssl_ctx = SSL_CTX_new(SSLv23_server_method());
 #endif
               break;
 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
@@ -314,6 +320,12 @@ efl_net_ssl_ctx_setup(Efl_Net_Ssl_Ctx *ctx, Efl_Net_Ssl_Ctx_Config cfg)
            case EFL_NET_SSL_CIPHER_TLSV1_2:
               ctx->ssl_ctx = SSL_CTX_new(TLSv1_2_server_method());
               break;
+#else
+           case EFL_NET_SSL_CIPHER_TLSV1:
+           case EFL_NET_SSL_CIPHER_TLSV1_1:
+           case EFL_NET_SSL_CIPHER_TLSV1_2:
+              ctx->ssl_ctx = SSL_CTX_new(TLS_server_method());
+              break;
 #endif
            default:
               ERR("ssl_ctx=%p unsupported cipher %d", ctx, cfg.cipher);