From 5f95c4e055be953acabac2f430491fc8c225264c Mon Sep 17 00:00:00 2001 From: Aman Gupta Date: Tue, 22 Sep 2015 19:54:15 -0700 Subject: avoid referencing undefined SSLv2_method on mac osx --- lib/pure/net.nim | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/pure') diff --git a/lib/pure/net.nim b/lib/pure/net.nim index 0ce5b4d25..08e944727 100644 --- a/lib/pure/net.nim +++ b/lib/pure/net.nim @@ -223,7 +223,7 @@ when defined(ssl): of protSSLv23: newCTX = SSL_CTX_new(SSLv23_method()) # SSlv2,3 and TLS1 support. of protSSLv2: - when not defined(linux): + when not defined(linux) and not defined(macosx): newCTX = SSL_CTX_new(SSLv2_method()) else: raiseSslError() -- cgit 1.4.1-2-gfad0 From 4a715b8e085319c671d86638c326fd1bee14b9a6 Mon Sep 17 00:00:00 2001 From: Aman Gupta Date: Wed, 23 Sep 2015 12:03:14 -0700 Subject: disable SSLv2 --- lib/pure/net.nim | 5 +---- lib/pure/sockets.nim | 5 +---- 2 files changed, 2 insertions(+), 8 deletions(-) (limited to 'lib/pure') diff --git a/lib/pure/net.nim b/lib/pure/net.nim index 08e944727..48a973e8d 100644 --- a/lib/pure/net.nim +++ b/lib/pure/net.nim @@ -223,10 +223,7 @@ when defined(ssl): of protSSLv23: newCTX = SSL_CTX_new(SSLv23_method()) # SSlv2,3 and TLS1 support. of protSSLv2: - when not defined(linux) and not defined(macosx): - newCTX = SSL_CTX_new(SSLv2_method()) - else: - raiseSslError() + raiseSslError() of protSSLv3: newCTX = SSL_CTX_new(SSLv3_method()) of protTLSv1: diff --git a/lib/pure/sockets.nim b/lib/pure/sockets.nim index 29f0bf87d..1b76a3a5e 100644 --- a/lib/pure/sockets.nim +++ b/lib/pure/sockets.nim @@ -314,10 +314,7 @@ when defined(ssl): of protSSLv23: newCTX = SSL_CTX_new(SSLv23_method()) # SSlv2,3 and TLS1 support. of protSSLv2: - when not defined(linux) and not defined(OpenBSD): - newCTX = SSL_CTX_new(SSLv2_method()) - else: - raiseSslError() + raiseSslError() of protSSLv3: newCTX = SSL_CTX_new(SSLv3_method()) of protTLSv1: -- cgit 1.4.1-2-gfad0 From 8edbef346a0d24e91110084e663674f2c65d72b7 Mon Sep 17 00:00:00 2001 From: Aman Gupta Date: Wed, 23 Sep 2015 17:12:49 -0700 Subject: raise with error message --- lib/pure/net.nim | 2 +- lib/pure/sockets.nim | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'lib/pure') diff --git a/lib/pure/net.nim b/lib/pure/net.nim index 48a973e8d..00a6c0c92 100644 --- a/lib/pure/net.nim +++ b/lib/pure/net.nim @@ -223,7 +223,7 @@ when defined(ssl): of protSSLv23: newCTX = SSL_CTX_new(SSLv23_method()) # SSlv2,3 and TLS1 support. of protSSLv2: - raiseSslError() + raiseSslError("SSLv2 is no longer secure and has been deprecated, use protSSLv3") of protSSLv3: newCTX = SSL_CTX_new(SSLv3_method()) of protTLSv1: diff --git a/lib/pure/sockets.nim b/lib/pure/sockets.nim index 1b76a3a5e..8fa69256b 100644 --- a/lib/pure/sockets.nim +++ b/lib/pure/sockets.nim @@ -314,7 +314,7 @@ when defined(ssl): of protSSLv23: newCTX = SSL_CTX_new(SSLv23_method()) # SSlv2,3 and TLS1 support. of protSSLv2: - raiseSslError() + raiseSslError("SSLv2 is no longer secure and has been deprecated, use protSSLv3") of protSSLv3: newCTX = SSL_CTX_new(SSLv3_method()) of protTLSv1: -- cgit 1.4.1-2-gfad0