| Brad Bishop | 1a4b7ee | 2018-12-16 17:11:34 -0800 | [diff] [blame^] | 1 | From 4cd49f470ca983369451d1141acc80fe1115cab4 Mon Sep 17 00:00:00 2001 |
| 2 | From: Nobuaki Sukegawa <nsuke@apache.org> |
| 3 | Date: Sun, 13 Mar 2016 08:55:38 +0900 |
| 4 | Subject: [PATCH] THRIFT-3736 C++ library build fails if OpenSSL does not |
| 5 | |
| 6 | surrpot SSLv3 |
| 7 | |
| 8 | --- |
| 9 | lib/cpp/src/thrift/transport/TSSLSocket.cpp | 2 ++ |
| 10 | lib/cpp/test/SecurityTest.cpp | 8 ++++++++ |
| 11 | 2 files changed, 10 insertions(+) |
| 12 | |
| 13 | diff --git a/lib/cpp/src/thrift/transport/TSSLSocket.cpp b/lib/cpp/src/thrift/transport/TSSLSocket.cpp |
| 14 | index 0a3a124..3e79354 100644 |
| 15 | --- a/lib/cpp/src/thrift/transport/TSSLSocket.cpp |
| 16 | +++ b/lib/cpp/src/thrift/transport/TSSLSocket.cpp |
| 17 | @@ -145,8 +145,10 @@ static char uppercase(char c); |
| 18 | SSLContext::SSLContext(const SSLProtocol& protocol) { |
| 19 | if (protocol == SSLTLS) { |
| 20 | ctx_ = SSL_CTX_new(SSLv23_method()); |
| 21 | +#ifndef OPENSSL_NO_SSL3 |
| 22 | } else if (protocol == SSLv3) { |
| 23 | ctx_ = SSL_CTX_new(SSLv3_method()); |
| 24 | +#endif |
| 25 | } else if (protocol == TLSv1_0) { |
| 26 | ctx_ = SSL_CTX_new(TLSv1_method()); |
| 27 | #if (OPENSSL_VERSION_NUMBER >= OPENSSL_VERSION_WITH_TLSv1_1_AND_TLSv1_2) |
| 28 | diff --git a/lib/cpp/test/SecurityTest.cpp b/lib/cpp/test/SecurityTest.cpp |
| 29 | index 213efd4..08110e7 100644 |
| 30 | --- a/lib/cpp/test/SecurityTest.cpp |
| 31 | +++ b/lib/cpp/test/SecurityTest.cpp |
| 32 | @@ -239,6 +239,14 @@ BOOST_AUTO_TEST_CASE(ssl_security_matrix) |
| 33 | continue; |
| 34 | } |
| 35 | |
| 36 | +#ifdef OPENSSL_NO_SSL3 |
| 37 | + if (si == 2 || ci == 2) |
| 38 | + { |
| 39 | + // Skip all SSLv3 cases - protocol not supported |
| 40 | + continue; |
| 41 | + } |
| 42 | +#endif |
| 43 | + |
| 44 | boost::mutex::scoped_lock lock(mMutex); |
| 45 | |
| 46 | BOOST_TEST_MESSAGE(boost::format("TEST: Server = %1%, Client = %2%") |