Changeset 40555 in project


Ignore:
Timestamp:
09/14/21 10:05:37 (9 days ago)
Author:
Vasilij Schneidermann
Message:

openssl: Avoid obsolete SSL APIs

File:
1 edited

Legend:

Unmodified
Added
Removed
  • release/4/openssl/trunk/openssl.scm

    r35554 r40555  
    168168           "return(ctx);\n")
    169169          (case protocol
    170             ((sslv2-or-v3)
    171              (if server
    172                  ((foreign-lambda c-pointer "SSLv23_server_method"))
    173                  ((foreign-lambda c-pointer "SSLv23_client_method"))))
    174             ((sslv3)
    175              (if server
    176                  ((foreign-lambda c-pointer "SSLv3_server_method"))
    177                  ((foreign-lambda c-pointer "SSLv3_client_method"))))
     170            ((sslv2-or-v3 sslv3)
     171             (abort
     172              (make-composite-condition
     173               (make-property-condition
     174                'exn
     175                'message "obsolete SSL connection protocol"
     176                'location 'ssl-ctx-new
     177                'arguments (list protocol))
     178               (make-property-condition
     179                'type))))
    178180            ((tls tlsv1)
    179181             (if server
     
    587589  (context ssl-unwrap-client-context))
    588590
    589 (define (ssl-make-client-context #!optional (protocol 'sslv2-or-v3))
     591(define (ssl-make-client-context #!optional (protocol 'tls))
    590592  (ssl-wrap-client-context (ssl-ctx-new protocol #f)))
    591593
     
    596598
    597599;; connect to SSL server
    598 (define (ssl-connect hostname #!optional port (ctx 'sslv2-or-v3) sni-name)
     600(define (ssl-connect hostname #!optional port (ctx 'tls) sni-name)
    599601  (let* ((ctx
    600602          (if (ssl-client-context? ctx)
     
    656658                     tcp-read-timeout tcp-write-timeout)))))
    657659
    658 (define (ssl-listen port #!optional (backlog 4) (hostname #f) (protocol 'sslv2-or-v3))
     660(define (ssl-listen port #!optional (backlog 4) (hostname #f) (protocol 'tls))
    659661  (ssl-wrap-listener
    660662   (ssl-ctx-new protocol #t)
Note: See TracChangeset for help on using the changeset viewer.