lighttpd
/
lighttpd1.4
2
0
Fork 0
Code Issues Releases Wiki Activity

[TLS] openssl 1.1.0 makes SSL_OP_NO_SSLv2 no-op 

silence coverity warning

openssl 1.1.0 makes SSL_OP_NO_SSLv2 flag a no-op, leading to
logically dead code when used with openssl 1.1.0.  However, the code
is still valid with earlier openssl versions, and so must be preserved.
This commit is contained in:
Glenn Strauss 2016-12-23 07:36:30 -05:00
parent a09d80dfd1
commit 38d00abd8f
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/network.c
View File

@ -841,7 +841,7 @@ int network_init(server *srv) {
SSL_CTX_set_options(s->ssl_ctx, ssloptions);
SSL_CTX_set_info_callback(s->ssl_ctx, ssl_info_callback);
if (!s->ssl_use_sslv2) {
if (!s->ssl_use_sslv2 && 0 != SSL_OP_NO_SSLv2) {
/* disable SSLv2 */
if ((SSL_OP_NO_SSLv2 & SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv2)) != SSL_OP_NO_SSLv2) {
log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
@ -850,7 +850,7 @@ int network_init(server *srv) {
}
}
if (!s->ssl_use_sslv3) {
if (!s->ssl_use_sslv3 && 0 != SSL_OP_NO_SSLv3) {
/* disable SSLv3 */
if ((SSL_OP_NO_SSLv3 & SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv3)) != SSL_OP_NO_SSLv3) {
log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",