ark0f / okhttp-fork Goto Github PK
View Code? Open in Web Editor NEWOkHttp fork for C++
License: Apache License 2.0
okhttp-fork's People
Contributors
Stargazers
Watchers
Forkers
blacktrace rabbitonly gavinlwz aa3000 pandygui shawl sihai90 zyqiang0713 chunleixiahe huchenmin inbei lzh280 bugcheck amoylelokhttp-fork's Issues
Several compilation problems on Arch linux and Debian 9.3
Steps to reproduce
- Install latest OpenSSL and toolchain on either Arch linux or Debian 9.3 ("stretch").
- Configure and build.
Errors
/home/fox/okhttp-fork/lib/ssl/Context.cpp: In constructor 'ohf::ssl::Context::Context(ohf::TLSVersion)':
/home/fox/okhttp-fork/lib/ssl/Context.cpp:19:43: error: 'SSLv2_method' was not declared in this scope
method = SSLv2_method();
^
/home/fox/okhttp-fork/lib/ssl/Context.cpp:23:43: error: 'SSLv3_method' was not declared in this scope
method = SSLv3_method();
^This error can be easily fixed by removing SSL-related constructions from Context.cpp:
diff --git a/lib/ssl/Context.cpp b/lib/ssl/Context.cpp
index fd08a23..9b4ffa5 100644
--- a/lib/ssl/Context.cpp
+++ b/lib/ssl/Context.cpp
@@ -11,17 +11,6 @@ namespace ohf {
Context::Context(TLSVersion version) : pImpl(new impl) {
const SSL_METHOD *method;
switch (version) {
- case TLSVersion::SSLv23:
- method = SSLv23_method();
- break;
- #ifndef OPENSSL_NO_SSL2
- case TLSVersion::SSLv2:
- method = SSLv2_method();
- break;
- #endif
- case TLSVersion::SSLv3:
- method = SSLv3_method();
- break;
case TLSVersion::TLSv1:
method = TLSv1_method();
break;But then we will get this error:
/home/fox/okhttp-fork/lib/ssl/SSL.cpp: In member function 'std::vector<ohf::ssl::CipherSuite> ohf::ssl::SSL::ciphers() const':
/home/fox/okhttp-fork/lib/ssl/SSL.cpp:81:53: error: invalid use of incomplete type 'struct stack_st_SSL_CIPHER'
auto stack = SSL_get_ciphers(pImpl->ssl)->stack;
^~
In file included from /usr/include/openssl/crypto.h:29:0,
from /usr/include/openssl/comp.h:16,
from /usr/include/openssl/ssl.h:47,
from /home/fox/okhttp-fork/lib/ssl/Util.hpp:13,
from /home/fox/okhttp-fork/lib/ssl/SSL.cpp:7:
/usr/include/openssl/ssl.h:233:1: note: forward declaration of 'struct stack_st_SSL_CIPHER'
STACK_OF(SSL_CIPHER);
^Note on SSL 1.0/2.0/3.0 support
In 2014, SSL 3.0 was found to be vulnerable to the POODLE attack that affects all block ciphers in SSL; and RC4, the only non-block cipher supported by SSL 3.0, is also feasibly broken as used in SSL 3.0.
SSL 2.0 was prohibited in 2011 by RFC 6176, and SSL 3.0 was also later prohibited in June 2015 by RFC 7568.
-- Wikipedia, Transport Layer Security page
I see no reason to support vulnerable protocol.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.