Lines 363-368
SecureSocket::loadCertificates(String& filename)
Link Here
|
363 |
void |
363 |
void |
364 |
SecureSocket::initContext(bool server) |
364 |
SecureSocket::initContext(bool server) |
365 |
{ |
365 |
{ |
|
|
366 |
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
366 |
SSL_library_init(); |
367 |
SSL_library_init(); |
367 |
|
368 |
|
368 |
const SSL_METHOD* method; |
369 |
const SSL_METHOD* method; |
Lines 372-382
SecureSocket::initContext(bool server)
Link Here
|
372 |
|
373 |
|
373 |
// load all error messages |
374 |
// load all error messages |
374 |
SSL_load_error_strings(); |
375 |
SSL_load_error_strings(); |
|
|
376 |
#else |
377 |
OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS | |
378 |
OPENSSL_INIT_ADD_ALL_CIPHERS | |
379 |
OPENSSL_INIT_ADD_ALL_DIGESTS, NULL); |
380 |
|
381 |
const SSL_METHOD* method; |
382 |
#endif |
375 |
|
383 |
|
376 |
if (CLOG->getFilter() >= kINFO) { |
384 |
if (CLOG->getFilter() >= kINFO) { |
377 |
showSecureLibInfo(); |
385 |
showSecureLibInfo(); |
378 |
} |
386 |
} |
379 |
|
387 |
|
|
|
388 |
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
380 |
// SSLv23_method uses TLSv1, with the ability to fall back to SSLv3 |
389 |
// SSLv23_method uses TLSv1, with the ability to fall back to SSLv3 |
381 |
if (server) { |
390 |
if (server) { |
382 |
method = SSLv23_server_method(); |
391 |
method = SSLv23_server_method(); |
Lines 384-396
SecureSocket::initContext(bool server)
Link Here
|
384 |
else { |
393 |
else { |
385 |
method = SSLv23_client_method(); |
394 |
method = SSLv23_client_method(); |
386 |
} |
395 |
} |
|
|
396 |
#else |
397 |
if (server) { |
398 |
method = TLS_server_method(); |
399 |
} |
400 |
else { |
401 |
method = TLS_client_method(); |
402 |
} |
403 |
#endif |
387 |
|
404 |
|
388 |
// create new context from method |
405 |
// create new context from method |
389 |
SSL_METHOD* m = const_cast<SSL_METHOD*>(method); |
406 |
SSL_METHOD* m = const_cast<SSL_METHOD*>(method); |
390 |
m_ssl->m_context = SSL_CTX_new(m); |
407 |
m_ssl->m_context = SSL_CTX_new(m); |
391 |
|
408 |
|
392 |
// drop SSLv3 support |
409 |
// drop SSLv3 support |
|
|
410 |
#if OPENSL_VERSION_NUMBER < 0x10100000L |
393 |
SSL_CTX_set_options(m_ssl->m_context, SSL_OP_NO_SSLv3); |
411 |
SSL_CTX_set_options(m_ssl->m_context, SSL_OP_NO_SSLv3); |
|
|
412 |
#else |
413 |
SSL_CTX_set_min_proto_version(m_ssl->m_context, TLS1_VERSION); |
414 |
#endif |
394 |
|
415 |
|
395 |
if (m_ssl->m_context == NULL) { |
416 |
if (m_ssl->m_context == NULL) { |
396 |
showError(); |
417 |
showError(); |
Lines 828-838
SecureSocket::showSecureCipherInfo()
Link Here
|
828 |
void |
849 |
void |
829 |
SecureSocket::showSecureLibInfo() |
850 |
SecureSocket::showSecureLibInfo() |
830 |
{ |
851 |
{ |
|
|
852 |
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
831 |
LOG((CLOG_INFO "%s",SSLeay_version(SSLEAY_VERSION))); |
853 |
LOG((CLOG_INFO "%s",SSLeay_version(SSLEAY_VERSION))); |
832 |
LOG((CLOG_DEBUG1 "openSSL : %s",SSLeay_version(SSLEAY_CFLAGS))); |
854 |
LOG((CLOG_DEBUG1 "openSSL : %s",SSLeay_version(SSLEAY_CFLAGS))); |
833 |
LOG((CLOG_DEBUG1 "openSSL : %s",SSLeay_version(SSLEAY_BUILT_ON))); |
855 |
LOG((CLOG_DEBUG1 "openSSL : %s",SSLeay_version(SSLEAY_BUILT_ON))); |
834 |
LOG((CLOG_DEBUG1 "openSSL : %s",SSLeay_version(SSLEAY_PLATFORM))); |
856 |
LOG((CLOG_DEBUG1 "openSSL : %s",SSLeay_version(SSLEAY_PLATFORM))); |
835 |
LOG((CLOG_DEBUG1 "%s",SSLeay_version(SSLEAY_DIR))); |
857 |
LOG((CLOG_DEBUG1 "%s",SSLeay_version(SSLEAY_DIR))); |
|
|
858 |
#else |
859 |
LOG((CLOG_INFO "%s",OpenSSL_version(OPENSSL_VERSION))); |
860 |
LOG((CLOG_DEBUG1 "openSSL : %s",OpenSSL_version(OPENSSL_CFLAGS))); |
861 |
LOG((CLOG_DEBUG1 "openSSL : %s",OpenSSL_version(OPENSSL_BUILT_ON))); |
862 |
LOG((CLOG_DEBUG1 "openSSL : %s",OpenSSL_version(OPENSSL_PLATFORM))); |
863 |
LOG((CLOG_DEBUG1 "%s",OpenSSL_version(OPENSSL_DIR))); |
864 |
#endif |
836 |
return; |
865 |
return; |
837 |
} |
866 |
} |
838 |
|
867 |
|