81 lines
2.5 KiB
Diff
81 lines
2.5 KiB
Diff
From 8b05af027723ff3a64040275d4050ff0e992d629 Mon Sep 17 00:00:00 2001
|
|
From: Marko Kohtala <marko.kohtala@gmail.com>
|
|
Date: Sun, 9 Feb 2014 22:54:11 +0200
|
|
Subject: [PATCH] Use SSLv3 by default
|
|
|
|
SSLv2_client_method may be hidden. Use the SSLv23_client_method instead.
|
|
|
|
This is a fix from Debian package partimage-0.6.8-2.2.
|
|
|
|
Signed-off-by: Marko Kohtala <marko.kohtala@gmail.com>
|
|
---
|
|
src/client/netclient.cpp | 3 +--
|
|
src/client/netclient.h | 6 ------
|
|
src/server/netserver.cpp | 3 +--
|
|
src/server/netserver.h | 6 ------
|
|
4 files changed, 2 insertions(+), 16 deletions(-)
|
|
|
|
diff --git a/src/client/netclient.cpp b/src/client/netclient.cpp
|
|
index 30b8d5c..43b2672 100644
|
|
--- a/src/client/netclient.cpp
|
|
+++ b/src/client/netclient.cpp
|
|
@@ -43,9 +43,8 @@ CNetClient::CNetClient(bool bMustLogin, bool bUseSSL):CNet()
|
|
{
|
|
showDebug(3, "initializing client ssl\n");
|
|
SSLeay_add_ssl_algorithms();
|
|
- meth = SSLv2_client_method();
|
|
SSL_load_error_strings();
|
|
- ctx = SSL_CTX_new(meth);
|
|
+ ctx = SSL_CTX_new(SSLv23_client_method());
|
|
if (!ctx)
|
|
THROW(ERR_SSL_CTX);
|
|
m_bUseSSL = (ctx != NULL);
|
|
diff --git a/src/client/netclient.h b/src/client/netclient.h
|
|
index 8423798..9d98b39 100644
|
|
--- a/src/client/netclient.h
|
|
+++ b/src/client/netclient.h
|
|
@@ -35,12 +35,6 @@ class CNetClient : public CNet
|
|
#ifdef HAVE_SSL
|
|
SSL_CTX * ctx;
|
|
X509 * server_cert;
|
|
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
|
|
- SSL_METHOD const * meth;
|
|
-#else
|
|
- SSL_METHOD * meth;
|
|
-#endif // OPENSSL_VERSION_NUMBER
|
|
-
|
|
#endif
|
|
bool m_bUseSSL;
|
|
bool m_bMustLogin;
|
|
diff --git a/src/server/netserver.cpp b/src/server/netserver.cpp
|
|
index a542760..28c43cc 100644
|
|
--- a/src/server/netserver.cpp
|
|
+++ b/src/server/netserver.cpp
|
|
@@ -39,8 +39,7 @@ CNetServer::CNetServer( uint32_t ip4_addr, unsigned short int port):CNet()
|
|
{
|
|
SSL_load_error_strings();
|
|
SSLeay_add_ssl_algorithms();
|
|
- meth = SSLv23_server_method();
|
|
- ctx = SSL_CTX_new(meth);
|
|
+ ctx = SSL_CTX_new(SSLv23_server_method());
|
|
if (!ctx)
|
|
{
|
|
ERR_print_errors_fp(stderr);
|
|
diff --git a/src/server/netserver.h b/src/server/netserver.h
|
|
index 01f6b6c..29d2a32 100644
|
|
--- a/src/server/netserver.h
|
|
+++ b/src/server/netserver.h
|
|
@@ -41,12 +41,6 @@ class CNetServer : public CNet
|
|
#ifdef HAVE_SSL
|
|
SSL_CTX * ctx;
|
|
X509 * client_cert;
|
|
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
|
|
- SSL_METHOD const * meth;
|
|
-#else
|
|
- SSL_METHOD * meth;
|
|
-#endif // OPENSSL_VERSION_NUMBER
|
|
-
|
|
int err;
|
|
#endif
|
|
|