ark0f / okhttp-fork Goto Github PK
View Code? Open in Web Editor NEWOkHttp fork for C++
License: Apache License 2.0
OkHttp fork for C++
License: Apache License 2.0
/home/fox/okhttp-fork/lib/ssl/Context.cpp: In constructor 'ohf::ssl::Context::Context(ohf::TLSVersion)':
/home/fox/okhttp-fork/lib/ssl/Context.cpp:19:43: error: 'SSLv2_method' was not declared in this scope
method = SSLv2_method();
^
/home/fox/okhttp-fork/lib/ssl/Context.cpp:23:43: error: 'SSLv3_method' was not declared in this scope
method = SSLv3_method();
^
This error can be easily fixed by removing SSL-related constructions from Context.cpp:
diff --git a/lib/ssl/Context.cpp b/lib/ssl/Context.cpp
index fd08a23..9b4ffa5 100644
--- a/lib/ssl/Context.cpp
+++ b/lib/ssl/Context.cpp
@@ -11,17 +11,6 @@ namespace ohf {
Context::Context(TLSVersion version) : pImpl(new impl) {
const SSL_METHOD *method;
switch (version) {
- case TLSVersion::SSLv23:
- method = SSLv23_method();
- break;
- #ifndef OPENSSL_NO_SSL2
- case TLSVersion::SSLv2:
- method = SSLv2_method();
- break;
- #endif
- case TLSVersion::SSLv3:
- method = SSLv3_method();
- break;
case TLSVersion::TLSv1:
method = TLSv1_method();
break;
But then we will get this error:
/home/fox/okhttp-fork/lib/ssl/SSL.cpp: In member function 'std::vector<ohf::ssl::CipherSuite> ohf::ssl::SSL::ciphers() const':
/home/fox/okhttp-fork/lib/ssl/SSL.cpp:81:53: error: invalid use of incomplete type 'struct stack_st_SSL_CIPHER'
auto stack = SSL_get_ciphers(pImpl->ssl)->stack;
^~
In file included from /usr/include/openssl/crypto.h:29:0,
from /usr/include/openssl/comp.h:16,
from /usr/include/openssl/ssl.h:47,
from /home/fox/okhttp-fork/lib/ssl/Util.hpp:13,
from /home/fox/okhttp-fork/lib/ssl/SSL.cpp:7:
/usr/include/openssl/ssl.h:233:1: note: forward declaration of 'struct stack_st_SSL_CIPHER'
STACK_OF(SSL_CIPHER);
^
In 2014, SSL 3.0 was found to be vulnerable to the POODLE attack that affects all block ciphers in SSL; and RC4, the only non-block cipher supported by SSL 3.0, is also feasibly broken as used in SSL 3.0.
SSL 2.0 was prohibited in 2011 by RFC 6176, and SSL 3.0 was also later prohibited in June 2015 by RFC 7568.
-- Wikipedia, Transport Layer Security page
I see no reason to support vulnerable protocol.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.