ACE_TAO icon indicating copy to clipboard operation
ACE_TAO copied to clipboard

Implemented OpenSSL 1.1.0 TLS methods and deprecated SSLv23 ones.

Open akotulu opened this issue 1 year ago • 13 comments

SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were added in OpenSSL 1.1.0.

All version-specific methods were deprecated in OpenSSL 1.1.0.

SSLv23_method

akotulu avatar Apr 30 '24 10:04 akotulu

Doesn't this change break any user code which uses the SSLv23 ones?

jwillemsen avatar Apr 30 '24 10:04 jwillemsen

Here is quote from docs.

SSLv23_method(), SSLv23_server_method(), SSLv23_client_method() These functions do not exist anymore, they have been renamed to TLS_method(), TLS_server_method() and TLS_client_method() respectively. Currently, the old function calls are renamed to the corresponding new ones by preprocessor macros, to ensure that existing code which uses the old function names still compiles. However, using the old function names is deprecated and new code should call the new functions instead.

akotulu avatar Apr 30 '24 10:04 akotulu

Ok, but you do change the enum provided by ACE in such a way that when someone uses it, it will not compile unless they change their code

jwillemsen avatar Apr 30 '24 11:04 jwillemsen

https://github.com/DOCGroup/ACE_TAO/issues/958

jwillemsen avatar Apr 30 '24 11:04 jwillemsen

Ok, I will add the enum values back with corresponding TLS calls.

akotulu avatar Apr 30 '24 11:04 akotulu

Mark the old enums as deprecated so that we know they are deprecated and can be removed at some point, maybe use the C++14 https://en.cppreference.com/w/cpp/language/attributes/deprecated, C++17 is now required for ACE/TAO

jwillemsen avatar Apr 30 '24 11:04 jwillemsen

Made the changes. Is it ok now?

akotulu avatar Apr 30 '24 11:04 akotulu

What when ssl version is smaller as 0x10100000L, than the new defines are there. Also in ACE_SSL_Context::load_trusted_ca the old enums are not tested

jwillemsen avatar Apr 30 '24 11:04 jwillemsen

Huh, sorry about the mess. Haven't done such a backwards compatibility stuff before. It should now be ok.

akotulu avatar Apr 30 '24 11:04 akotulu

When < 0x10100000L the enums will still give a deprecated warning

jwillemsen avatar Apr 30 '24 11:04 jwillemsen

Idk if this is the best way to remove the deprecation warning, but here it is.

akotulu avatar Apr 30 '24 12:04 akotulu

Please fix fuzz errors

jwillemsen avatar Apr 30 '24 13:04 jwillemsen

Done.

akotulu avatar Apr 30 '24 14:04 akotulu