mirror of
https://github.com/brunoos/luasec.git
synced 2024-12-26 20:48:22 +01:00
Removing deprecated methods to select the protocol
Using TLS_method(), SSL_set_min_proto_version() and SSL_set_max_proto_version().
This commit is contained in:
parent
89bdc6148c
commit
28e247dbc5
@ -59,11 +59,46 @@ static int set_option_flag(const char *opt, unsigned long *flag)
|
||||
return 0;
|
||||
}
|
||||
|
||||
#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL)
|
||||
|
||||
/**
|
||||
* Find the protocol.
|
||||
*/
|
||||
static const SSL_METHOD* str2method(const char *method)
|
||||
static const SSL_METHOD* str2method(const char *method, int *vmin, int *vmax)
|
||||
{
|
||||
if (!strcmp(method, "any") || !strcmp(method, "sslv23")) {
|
||||
*vmin = TLS1_VERSION;
|
||||
*vmax = TLS1_2_VERSION;
|
||||
return TLS_method();
|
||||
}
|
||||
else if (!strcmp(method, "tlsv1")) {
|
||||
*vmin = TLS1_VERSION;
|
||||
*vmax = TLS1_VERSION;
|
||||
return TLS_method();
|
||||
}
|
||||
else if (!strcmp(method, "tlsv1_1")) {
|
||||
*vmin = TLS1_1_VERSION;
|
||||
*vmax = TLS1_1_VERSION;
|
||||
return TLS_method();
|
||||
}
|
||||
else if (!strcmp(method, "tlsv1_2")) {
|
||||
*vmin = TLS1_2_VERSION;
|
||||
*vmax = TLS1_2_VERSION;
|
||||
return TLS_method();
|
||||
}
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
||||
#else
|
||||
|
||||
/**
|
||||
* Find the protocol.
|
||||
*/
|
||||
static const SSL_METHOD* str2method(const char *method, int *vmin, int *vmax)
|
||||
{
|
||||
(void)vmin;
|
||||
(void)vmax;
|
||||
if (!strcmp(method, "any")) return SSLv23_method();
|
||||
if (!strcmp(method, "sslv23")) return SSLv23_method(); // deprecated
|
||||
if (!strcmp(method, "tlsv1")) return TLSv1_method();
|
||||
@ -74,6 +109,8 @@ static const SSL_METHOD* str2method(const char *method)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
/**
|
||||
* Prepare the SSL handshake verify flag.
|
||||
*/
|
||||
@ -279,9 +316,10 @@ static int create(lua_State *L)
|
||||
p_context ctx;
|
||||
const char *str_method;
|
||||
const SSL_METHOD *method;
|
||||
int vmin, vmax;
|
||||
|
||||
str_method = luaL_checkstring(L, 1);
|
||||
method = str2method(str_method);
|
||||
method = str2method(str_method, &vmin, &vmax);
|
||||
if (!method) {
|
||||
lua_pushnil(L);
|
||||
lua_pushfstring(L, "invalid protocol (%s)", str_method);
|
||||
@ -301,6 +339,10 @@ static int create(lua_State *L)
|
||||
ERR_reason_error_string(ERR_get_error()));
|
||||
return 2;
|
||||
}
|
||||
#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL)
|
||||
SSL_CTX_set_min_proto_version(ctx->context, vmin);
|
||||
SSL_CTX_set_max_proto_version(ctx->context, vmax);
|
||||
#endif
|
||||
ctx->mode = LSEC_MODE_INVALID;
|
||||
ctx->L = L;
|
||||
luaL_getmetatable(L, "SSL:Context");
|
||||
|
Loading…
Reference in New Issue
Block a user