diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2016-04-14 14:12:12 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2016-04-21 00:46:34 +0900 |
commit | 90270e5191c77e214c67a089e5923e15d985cfa2 (patch) | |
tree | c69463c405a02a0a1ca9cce975c1fc359d4ecebc | |
parent | ee001f2601c0adb4ff3387495bf1450f82ae1ec2 (diff) | |
download | ruby-90270e5191c77e214c67a089e5923e15d985cfa2.tar.gz |
disable security_level if unsupported
-rw-r--r-- | ext/openssl/extconf.rb | 1 | ||||
-rw-r--r-- | ext/openssl/ossl_ssl.c | 6 |
2 files changed, 7 insertions, 0 deletions
diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb index d1d5d852c1..d042fd210a 100644 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -140,6 +140,7 @@ have_func("SSL_CTX_set_alpn_select_cb") have_func("SSL_CTX_set_next_proto_select_cb") have_func("SSL_CTX_set_tmp_ecdh_callback") have_func("SSL_CTX_get_ciphers") +have_func("SSL_CTX_get_security_level") # 1.1.0 have_func_or_macro("SSL_CTX_set1_curves_list", "openssl/ssl.h") have_macro("SSL_get_server_tmp_key", ['openssl/ssl.h']) && $defs.push("-DHAVE_SSL_GET_SERVER_TMP_KEY") unless have_func("SSL_set_tlsext_host_name", ['openssl/ssl.h']) diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c index fc741cf7fa..0e68bd869b 100644 --- a/ext/openssl/ossl_ssl.c +++ b/ext/openssl/ossl_ssl.c @@ -959,7 +959,11 @@ ossl_sslctx_get_security_level(VALUE self) return Qnil; } +#if defined(HAVE_SSL_CTX_GET_SECURITY_LEVEL) i = SSL_CTX_get_security_level(ctx); +#else + i = 0; +#endif return INT2FIX(i); } @@ -981,7 +985,9 @@ ossl_sslctx_set_security_level(VALUE self, VALUE v) if (!ctx) ossl_raise(eSSLError, "SSL_CTX is not initialized."); +#if defined(HAVE_SSL_CTX_GET_SECURITY_LEVEL) SSL_CTX_set_security_level(ctx, NUM2INT(v)); +#endif return v; } |