This is an automated email from the ASF dual-hosted git repository.
masaori pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new a860656e9b Fix setting TLS groups with BoringSSL (#11840)
a860656e9b is described below
commit a860656e9b3861171436d7cbc7420b56a89548a9
Author: Masaori Koshiba <[email protected]>
AuthorDate: Mon Nov 18 08:26:05 2024 +0900
Fix setting TLS groups with BoringSSL (#11840)
* Fix setting TLS groups with BoringSSL
* Get rid of #ifdef for old openssl
---
src/iocore/net/SSLUtils.cc | 9 ++-------
1 file changed, 2 insertions(+), 7 deletions(-)
diff --git a/src/iocore/net/SSLUtils.cc b/src/iocore/net/SSLUtils.cc
index b3f932d32d..7c469b2ff6 100644
--- a/src/iocore/net/SSLUtils.cc
+++ b/src/iocore/net/SSLUtils.cc
@@ -1530,20 +1530,15 @@
SSLMultiCertConfigLoader::_set_cipher_suites([[maybe_unused]] SSL_CTX *ctx)
}
bool
-SSLMultiCertConfigLoader::_set_curves([[maybe_unused]] SSL_CTX *ctx)
+SSLMultiCertConfigLoader::_set_curves(SSL_CTX *ctx)
{
-#if defined(SSL_CTX_set1_groups_list) || defined(SSL_CTX_set1_curves_list)
if (this->_params->server_groups_list != nullptr) {
-#ifdef SSL_CTX_set1_groups_list
if (!SSL_CTX_set1_groups_list(ctx, this->_params->server_groups_list)) {
-#else
- if (!SSL_CTX_set1_curves_list(ctx, this->_params->server_groups_list)) {
-#endif
SSLError("invalid groups list for server in %s", ts::filename::RECORDS);
return false;
}
}
-#endif
+
return true;
}
