walkero
/
nghttp2
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Replace TLSv23_method with TLS_method

This commit is contained in:
Tatsuhiro Tsujikawa 2021-10-17 17:21:09 +09:00
parent 8c36971ea9
commit 65d3c9047f
8 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
examples/client.c
View File

@ -544,7 +544,7 @@ static void fetch_uri(const struct URI *uri) {
if (fd == -1) { if (fd == -1) {
die("Could not open file descriptor"); die("Could not open file descriptor");
} }
ssl_ctx = SSL_CTX_new(SSLv23_client_method()); ssl_ctx = SSL_CTX_new(TLS_client_method());
if (ssl_ctx == NULL) { if (ssl_ctx == NULL) {
dief("SSL_CTX_new", ERR_error_string(ERR_get_error(), NULL)); dief("SSL_CTX_new", ERR_error_string(ERR_get_error(), NULL));
} }

2
examples/libevent-client.c
View File

@ -328,7 +328,7 @@ static int select_next_proto_cb(SSL *ssl, unsigned char **out,
/* Create SSL_CTX. */ /* Create SSL_CTX. */
static SSL_CTX *create_ssl_ctx(void) { static SSL_CTX *create_ssl_ctx(void) {
SSL_CTX *ssl_ctx; SSL_CTX *ssl_ctx;
ssl_ctx = SSL_CTX_new(SSLv23_client_method()); ssl_ctx = SSL_CTX_new(TLS_client_method());
if (!ssl_ctx) { if (!ssl_ctx) {
errx(1, "Could not create SSL/TLS context: %s", errx(1, "Could not create SSL/TLS context: %s",
ERR_error_string(ERR_get_error(), NULL)); ERR_error_string(ERR_get_error(), NULL));

2
examples/libevent-server.c
View File

@ -143,7 +143,7 @@ static int alpn_select_proto_cb(SSL *ssl, const unsigned char **out,
static SSL_CTX *create_ssl_ctx(const char *key_file, const char *cert_file) { static SSL_CTX *create_ssl_ctx(const char *key_file, const char *cert_file) {
SSL_CTX *ssl_ctx; SSL_CTX *ssl_ctx;
ssl_ctx = SSL_CTX_new(SSLv23_server_method()); ssl_ctx = SSL_CTX_new(TLS_server_method());
if (!ssl_ctx) { if (!ssl_ctx) {
errx(1, "Could not create SSL/TLS context: %s", errx(1, "Could not create SSL/TLS context: %s",
ERR_error_string(ERR_get_error(), NULL)); ERR_error_string(ERR_get_error(), NULL));

2
src/HttpServer.cc
View File

@ -2110,7 +2110,7 @@ int HttpServer::run() {
std::vector<unsigned char> next_proto; std::vector<unsigned char> next_proto;
if (!config_->no_tls) { if (!config_->no_tls) {
ssl_ctx = SSL_CTX_new(SSLv23_server_method()); ssl_ctx = SSL_CTX_new(TLS_server_method());
if (!ssl_ctx) { if (!ssl_ctx) {
std::cerr << ERR_error_string(ERR_get_error(), nullptr) << std::endl; std::cerr << ERR_error_string(ERR_get_error(), nullptr) << std::endl;
return -1; return -1;

2
src/h2load.cc
View File

@ -2811,7 +2811,7 @@ int main(int argc, char **argv) {
act.sa_handler = SIG_IGN; act.sa_handler = SIG_IGN;
sigaction(SIGPIPE, &act, nullptr); sigaction(SIGPIPE, &act, nullptr);
auto ssl_ctx = SSL_CTX_new(SSLv23_client_method()); auto ssl_ctx = SSL_CTX_new(TLS_client_method());
if (!ssl_ctx) { if (!ssl_ctx) {
std::cerr << "Failed to create SSL_CTX: " std::cerr << "Failed to create SSL_CTX: "
<< ERR_error_string(ERR_get_error(), nullptr) << std::endl; << ERR_error_string(ERR_get_error(), nullptr) << std::endl;

2
src/nghttp.cc
View File

@ -2268,7 +2268,7 @@ int communicate(
auto loop = EV_DEFAULT; auto loop = EV_DEFAULT;
SSL_CTX *ssl_ctx = nullptr; SSL_CTX *ssl_ctx = nullptr;
if (scheme == "https") { if (scheme == "https") {
ssl_ctx = SSL_CTX_new(SSLv23_client_method()); ssl_ctx = SSL_CTX_new(TLS_client_method());
if (!ssl_ctx) { if (!ssl_ctx) {
std::cerr << "[ERROR] Failed to create SSL_CTX: " std::cerr << "[ERROR] Failed to create SSL_CTX: "
<< ERR_error_string(ERR_get_error(), nullptr) << std::endl; << ERR_error_string(ERR_get_error(), nullptr) << std::endl;

4
src/shrpx_tls.cc
View File

@ -927,7 +927,7 @@ SSL_CTX *create_ssl_context(const char *private_key_file, const char *cert_file,
neverbleed_t *nb neverbleed_t *nb
#endif // HAVE_NEVERBLEED #endif // HAVE_NEVERBLEED
) { ) {
auto ssl_ctx = SSL_CTX_new(SSLv23_server_method()); auto ssl_ctx = SSL_CTX_new(TLS_server_method());
if (!ssl_ctx) { if (!ssl_ctx) {
LOG(FATAL) << ERR_error_string(ERR_get_error(), nullptr); LOG(FATAL) << ERR_error_string(ERR_get_error(), nullptr);
DIE(); DIE();
@ -1694,7 +1694,7 @@ SSL_CTX *create_ssl_client_context(
int (*next_proto_select_cb)(SSL *s, unsigned char **out, int (*next_proto_select_cb)(SSL *s, unsigned char **out,
unsigned char *outlen, const unsigned char *in, unsigned char *outlen, const unsigned char *in,
unsigned int inlen, void *arg)) { unsigned int inlen, void *arg)) {
auto ssl_ctx = SSL_CTX_new(SSLv23_client_method()); auto ssl_ctx = SSL_CTX_new(TLS_client_method());
if (!ssl_ctx) { if (!ssl_ctx) {
LOG(FATAL) << ERR_error_string(ERR_get_error(), nullptr); LOG(FATAL) << ERR_error_string(ERR_get_error(), nullptr);
DIE(); DIE();

4
src/shrpx_tls_test.cc
View File

@ -121,7 +121,7 @@ void test_shrpx_tls_cert_lookup_tree_add_ssl_ctx(void) {
static constexpr char nghttp2_certfile[] = static constexpr char nghttp2_certfile[] =
NGHTTP2_SRC_DIR "/test.nghttp2.org.pem"; NGHTTP2_SRC_DIR "/test.nghttp2.org.pem";
auto nghttp2_ssl_ctx = SSL_CTX_new(SSLv23_server_method()); auto nghttp2_ssl_ctx = SSL_CTX_new(TLS_server_method());
auto nghttp2_ssl_ctx_del = defer(SSL_CTX_free, nghttp2_ssl_ctx); auto nghttp2_ssl_ctx_del = defer(SSL_CTX_free, nghttp2_ssl_ctx);
auto nghttp2_tls_ctx_data = std::make_unique<tls::TLSContextData>(); auto nghttp2_tls_ctx_data = std::make_unique<tls::TLSContextData>();
nghttp2_tls_ctx_data->cert_file = nghttp2_certfile; nghttp2_tls_ctx_data->cert_file = nghttp2_certfile;
@ -132,7 +132,7 @@ void test_shrpx_tls_cert_lookup_tree_add_ssl_ctx(void) {
static constexpr char examples_certfile[] = static constexpr char examples_certfile[] =
NGHTTP2_SRC_DIR "/test.example.com.pem"; NGHTTP2_SRC_DIR "/test.example.com.pem";
auto examples_ssl_ctx = SSL_CTX_new(SSLv23_server_method()); auto examples_ssl_ctx = SSL_CTX_new(TLS_server_method());
auto examples_ssl_ctx_del = defer(SSL_CTX_free, examples_ssl_ctx); auto examples_ssl_ctx_del = defer(SSL_CTX_free, examples_ssl_ctx);
auto examples_tls_ctx_data = std::make_unique<tls::TLSContextData>(); auto examples_tls_ctx_data = std::make_unique<tls::TLSContextData>();
examples_tls_ctx_data->cert_file = examples_certfile; examples_tls_ctx_data->cert_file = examples_certfile;