From: Amos Jeffries Date: Thu, 12 Jan 2017 13:26:45 +0000 (+1300) Subject: Merged from v5 r15006 X-Git-Tag: M-staged-PR71~284^2~24 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d104ce03830a34deb8738f360f914ba046553d98;p=thirdparty%2Fsquid.git Merged from v5 r15006 --- d104ce03830a34deb8738f360f914ba046553d98 diff --cc src/ssl/bio.cc index dbc8825796,b016085a75..fb1592da60 --- a/src/ssl/bio.cc +++ b/src/ssl/bio.cc @@@ -62,13 -62,10 +62,10 @@@ static BIO_METHOD *SquidMethods = NULL #endif BIO * -Ssl::Bio::Create(const int fd, Ssl::Bio::Type type) +Ssl::Bio::Create(const int fd, Security::Io::Type type) { #if (OPENSSL_VERSION_NUMBER < 0x10100000L) - if (BIO *bio = BIO_new(&SquidMethods)) { - BIO_int_ctrl(bio, BIO_C_SET_FD, type, fd); - return bio; - } + BIO_METHOD *useMethod = &SquidMethods; #else if (!SquidMethods) { SquidMethods = BIO_meth_new(BIO_TYPE_SOCKET, "squid"); diff --cc src/ssl/support.cc index 07d1434ea3,08a9eb1b01..1c218fed75 --- a/src/ssl/support.cc +++ b/src/ssl/support.cc @@@ -494,11 -525,9 +525,9 @@@ static boo configureSslContext(Security::ContextPointer &ctx, AnyP::PortCfg &port) { int ssl_error; - SSL_CTX_set_options(ctx.get(), port.secure.parsedOptions); + SSL_CTX_set_options(ctx.get(), *port.secure.parsedOptions); - #if defined(SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) - SSL_CTX_set_info_callback(ctx.get(), ssl_info_cb); - #endif + maybeDisableRenegotiate(ctx); if (port.sslContextSessionId) SSL_CTX_set_session_id_context(ctx.get(), (const unsigned char *)port.sslContextSessionId, strlen(port.sslContextSessionId)); @@@ -626,9 -654,9 +654,7 @@@ Ssl::InitClientContext(Security::Contex if (!ctx) return false; - #if defined(SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) - SSL_CTX_set_info_callback(ctx.get(), ssl_info_cb); - #endif - SSL_CTX_set_options(ctx.get(), options); - + maybeDisableRenegotiate(ctx); if (!peer.sslCipher.isEmpty()) { debugs(83, 5, "Using chiper suite " << peer.sslCipher << ".");