0020-support-OPENSSL_NO_SSL3_METHOD.patch 1.7 KB

1234567891011121314151617181920212223242526272829303132333435363738394041
  1. --- lua-openssl-0.6.0.old/src/ssl.c 2016-09-19 08:30:43.735075695 +0200
  2. +++ lua-openssl-0.6.0/src/ssl.c 2016-09-19 09:02:45.733813437 +0200
  3. @@ -24,12 +24,17 @@
  4. SSL_METHOD* method = NULL;
  5. const char* ciphers;
  6. SSL_CTX* ctx;
  7. - if (strcmp(meth, "SSLv3") == 0)
  8. + if (0);
  9. +
  10. +#ifndef OPENSSL_NO_SSL3
  11. + else if (strcmp(meth, "SSLv3") == 0)
  12. method = SSLv3_method(); /* SSLv3 */
  13. else if (strcmp(meth, "SSLv3_server") == 0)
  14. method = SSLv3_server_method(); /* SSLv3 */
  15. else if (strcmp(meth, "SSLv3_client") == 0)
  16. method = SSLv3_client_method(); /* SSLv3 */
  17. +#endif
  18. +
  19. else if (strcmp(meth, "SSLv23") == 0)
  20. method = SSLv23_method(); /* SSLv3 but can rollback to v2 */
  21. else if (strcmp(meth, "SSLv23_server") == 0)
  22. @@ -79,15 +84,15 @@
  23. #endif
  24. else
  25. luaL_error(L, "#1:%s not supported\n"
  26. - "Maybe SSLv3 SSLv23 TLSv1 TLSv1_1 TLSv1_2 DTLSv1 [SSLv2], option followed by _client or _server\n",
  27. - "default is SSLv3",
  28. + "Maybe [SSLv3] SSLv23 TLSv1 TLSv1_1 TLSv1_2 DTLSv1 [SSLv2], option followed by _client or _server\n",
  29. + "default is TLSv1",
  30. meth);
  31. ciphers = luaL_optstring(L, 2, SSL_DEFAULT_CIPHER_LIST);
  32. ctx = SSL_CTX_new(method);
  33. if (!ctx)
  34. luaL_error(L, "#1:%s not supported\n"
  35. - "Maybe SSLv3 SSLv23 TLSv1 TLSv1_1 TLSv1_2 DTLSv1 [SSLv2], option followed by _client or _server\n",
  36. - "default is SSLv3",
  37. + "Maybe [SSLv3] SSLv23 TLSv1 TLSv1_1 TLSv1_2 DTLSv1 [SSLv2], option followed by _client or _server\n",
  38. + "default is TLSv1",
  39. meth);
  40. openssl_newvalue(L, ctx);
  41. SSL_CTX_set_cipher_list(ctx, ciphers);