Bläddra i källkod

Use up-to-date OpenSSL API + Use the same API to retrieve cipher suites for /info, as we use for neon (and indirectly for FTP too)

Noop change (currently SSLv23_client_method is just an alias to TLS_client_method, same for TLS_method vs SSLv23_method

Source commit: d35fcf2fbb722795f1ef267051892f0a931e2ab2
Martin Prikryl 1 år sedan
förälder
incheckning
532f1847b2
3 ändrade filer med 4 tillägg och 3 borttagningar
  1. 1 1
      libs/neon/src/ne_openssl.c
  2. 2 1
      source/core/Common.cpp
  3. 1 1
      source/filezilla/AsyncSslSocketLayer.cpp

+ 1 - 1
libs/neon/src/ne_openssl.c

@@ -584,7 +584,7 @@ ne_ssl_context *ne_ssl_context_create(int mode)
 {
     ne_ssl_context *ctx = ne_calloc(sizeof *ctx);
     if (mode == NE_SSL_CTX_CLIENT) {
-        ctx->ctx = SSL_CTX_new(SSLv23_client_method());
+        ctx->ctx = SSL_CTX_new(TLS_client_method());
         ctx->sess = NULL;
         /* set client cert callback. */
         SSL_CTX_set_client_cert_cb(ctx->ctx, provide_client_cert);

+ 2 - 1
source/core/Common.cpp

@@ -4341,7 +4341,8 @@ UnicodeString __fastcall GetFileMimeType(const UnicodeString & FileName)
 TStrings * TlsCipherList()
 {
   std::unique_ptr<TStrings> Result(new TStringList());
-  const SSL_METHOD * Method = DTLS_client_method();
+  // Exact method that neon uses. FTP uses TLS_method() (FTP needs server method too). But they have the same ciphers.
+  const SSL_METHOD * Method = TLS_client_method();
   SSL_CTX * Ctx = SSL_CTX_new(Method);
   SSL * Ssl = SSL_new(Ctx);
 

+ 1 - 1
source/filezilla/AsyncSslSocketLayer.cpp

@@ -726,7 +726,7 @@ int CAsyncSslSocketLayer::InitSSLConnection(bool clientMode,
     if (!m_ssl_ctx)
     {
       // Create new context if none given
-      if (!(m_ssl_ctx = SSL_CTX_new( SSLv23_method())))
+      if (!(m_ssl_ctx = SSL_CTX_new( TLS_method())))
       {
         ResetSslSession();
         return SSL_FAILURE_INITSSL;