efl net - adapt to openssl 1.1.0 changes with tls method support

support the tls methods if on openssl 1.1.0 so we don't get "unsupported cipher" as it does support it just with a new api. @fix
2017-09-15 14:14:03 +09:00 · 2017-09-15 14:14:03 +09:00 · f179d32157
parent d3440a9867
commit f179d32157
1 changed files with 14 additions and 2 deletions
--- a/src/lib/ecore_con/efl_net_ssl_ctx-openssl.c
+++ b/src/lib/ecore_con/efl_net_ssl_ctx-openssl.c
@ -269,7 +269,7 @@ efl_net_ssl_ctx_setup(Efl_Net_Ssl_Ctx *ctx, Efl_Net_Ssl_Ctx_Config cfg)
 #ifndef OPENSSL_NO_SSL3_METHOD
              ctx->ssl_ctx = SSL_CTX_new(SSLv3_client_method());
 #else
-              ERR("ssl_ctx=%p SSLv3 is disabled in your OpenSSL build", ctx);
+              ctx->ssl_ctx = SSL_CTX_new(SSLv23_client_method());
 #endif
              break;
 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
@ -282,6 +282,12 @@ efl_net_ssl_ctx_setup(Efl_Net_Ssl_Ctx *ctx, Efl_Net_Ssl_Ctx_Config cfg)
           case EFL_NET_SSL_CIPHER_TLSV1_2:
              ctx->ssl_ctx = SSL_CTX_new(TLSv1_2_client_method());
              break;
+#else
+           case EFL_NET_SSL_CIPHER_TLSV1:
+           case EFL_NET_SSL_CIPHER_TLSV1_1:
+           case EFL_NET_SSL_CIPHER_TLSV1_2:
+              ctx->ssl_ctx = SSL_CTX_new(TLS_client_method());
+              break;
 #endif
           default:
              ERR("ssl_ctx=%p unsupported cipher %d", ctx, cfg.cipher);
@ -301,7 +307,7 @@ efl_net_ssl_ctx_setup(Efl_Net_Ssl_Ctx *ctx, Efl_Net_Ssl_Ctx_Config cfg)
 #ifndef OPENSSL_NO_SSL3_METHOD
              ctx->ssl_ctx = SSL_CTX_new(SSLv3_server_method());
 #else
-              ERR("ssl_ctx=%p SSLv3 is disabled in your OpenSSL build", ctx);
+              ctx->ssl_ctx = SSL_CTX_new(SSLv23_server_method());
 #endif
              break;
 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
@ -314,6 +320,12 @@ efl_net_ssl_ctx_setup(Efl_Net_Ssl_Ctx *ctx, Efl_Net_Ssl_Ctx_Config cfg)
           case EFL_NET_SSL_CIPHER_TLSV1_2:
              ctx->ssl_ctx = SSL_CTX_new(TLSv1_2_server_method());
              break;
+#else
+           case EFL_NET_SSL_CIPHER_TLSV1:
+           case EFL_NET_SSL_CIPHER_TLSV1_1:
+           case EFL_NET_SSL_CIPHER_TLSV1_2:
+              ctx->ssl_ctx = SSL_CTX_new(TLS_server_method());
+              break;
 #endif
           default:
              ERR("ssl_ctx=%p unsupported cipher %d", ctx, cfg.cipher);