curl / Mailing Lists / curl-library / Single Mail

curl-library

Re: Compile warning on Fedora-26

From: Michael Kaufmann <mail_at_michael-kaufmann.ch>
Date: Sat, 9 Sep 2017 14:17:48 +0200

Daniel Stenberg wrote:
> On Wed, 6 Sep 2017, Ben Greear wrote:
>
>> Is there a good fix for this warning, or do I just need to turn off
>> strict warnings?
>
> ...
>
>> vtls/openssl.c: In function ‘ossl_connect_step1’:
>> vtls/openssl.c:2091:5: warning: ‘SSLv3_client_method’ is deprecated
>> [-Wdeprecated-declarations]
>> req_method = SSLv3_client_method();
>
> Your OpenSSL headers should define OPENSSL_NO_SSL3 so that libcurl
> won't try to use SSLv3. When OPENSSL_NO_SSL3 is defined, there's no
> warning.
>

Yes, but the real cause is: OpenSSL 1.1.0 has deprecated the function
SSLv3_client_method() in favor of TLS_client_method().
TLS_client_method() also works for SSLv3.

See https://www.openssl.org/docs/man1.1.0/ssl/SSLv3_client_method.html :

"TLS_method(), TLS_server_method(), TLS_client_method(): These are the
general-purpose version-flexible SSL/TLS methods. The actual protocol
version used will be negotiated to the highest version mutually
supported by the client and the server. The supported protocols are
SSLv3, TLSv1, TLSv1.1 and TLSv1.2. Applications should use these
methods, and avoid the version-specific methods described below."

Regards,
Michael
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2017-09-09