diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2017-08-28 22:20:51 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2017-09-03 11:22:54 +0900 |
commit | 5653599e150bd92d8631858fe6e0def1f9a3c33d (patch) | |
tree | a257929b8e5e099f6a9fcd02790d76e065a26597 /ext/openssl/extconf.rb | |
parent | 18603949d3161e109803b7c379936c3a487ef8d0 (diff) | |
download | ruby-openssl-5653599e150bd92d8631858fe6e0def1f9a3c33d.tar.gz |
ssl: rework SSLContext#ssl_version=
Reimplement SSLContext#ssl_version= as a wrapper around
SSLContext#min_version= and #max_version=.
SSLContext#ssl_version= used to call SSL_CTX_set_ssl_version() which
replaces the SSL method used for the connections created from the SSL
context. This is mainly used for forcing a specific SSL/TLS protocol
version.
As of OpenSSL 1.1.0, however, use of the version-specific SSL methods
such as TLSv1_method() is deprecated. Follow the current recommendation
-- to use the generic SSL method always and to control the supported
version range by SSL_CTX_set_{min,max}_proto_version(). Actually, we
have already started doing a similar thing when the extension is
compiled with OpenSSL 1.1.0.
OpenSSL::SSL::SSLContext::METHODS, which contained the possible names of
SSL methods, is not useful anymore. It is now deprecate_constant-ed.
Diffstat (limited to 'ext/openssl/extconf.rb')
-rw-r--r-- | ext/openssl/extconf.rb | 5 |
1 files changed, 0 insertions, 5 deletions
diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb index 0f099fc3..5212903b 100644 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -104,11 +104,6 @@ end Logging::message "=== Checking for OpenSSL features... ===\n" # compile options - -# SSLv2 and SSLv3 may be removed in future versions of OpenSSL, and even macros -# like OPENSSL_NO_SSL2 may not be defined. -have_func("SSLv2_method") -have_func("SSLv3_method") have_func("RAND_egd") engines = %w{builtin_engines openbsd_dev_crypto dynamic 4758cca aep atalla chil cswift nuron sureware ubsec padlock capi gmp gost cryptodev aesni} |