curl / Mailing Lists / curl-library / Single Mail

curl-library

Re: Compile warning on Fedora-26

From: Ben Greear <greearb_at_candelatech.com>
Date: Thu, 7 Sep 2017 07:41:21 -0700

On 09/07/2017 01:14 AM, Daniel Stenberg wrote:
> On Wed, 6 Sep 2017, Ben Greear wrote:
>
>> Is there a good fix for this warning, or do I just need to turn off strict warnings?
>
> ...
>
>> vtls/openssl.c: In function ‘ossl_connect_step1’:
>> vtls/openssl.c:2091:5: warning: ‘SSLv3_client_method’ is deprecated [-Wdeprecated-declarations]
>> req_method = SSLv3_client_method();
>
> Your OpenSSL headers should define OPENSSL_NO_SSL3 so that libcurl won't try to use SSLv3. When OPENSSL_NO_SSL3 is defined, there's no warning.
>
> I think the warning you see serves its purpose exactly: it warns you that you have SSLv3 enabled (and thus libcurl will get built to be able to use it). There should be very little reason to have SSLv3 enabled in any software these days.

[greearb_at_v-f26-64 openssl]$ grep NO_SSL3 *
ssl.h:# ifndef OPENSSL_NO_SSL3_METHOD
[greearb_at_v-f26-64 openssl]$ pwd
/usr/include/openssl
[greearb_at_v-f26-64 openssl]$

Anyway, I ended up editing the openssl include file to remove the deprecated mark
from that method.

My use case is testing equipment/software, so it is probably better for me to support using
a wide range of ssl just in case someone wants to test with it. Hopefully by default it
will use something more recent.

Thanks,
Ben

-- 
Ben Greear <greearb_at_candelatech.com>
Candela Technologies Inc  http://www.candelatech.com
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette:   https://curl.haxx.se/mail/etiquette.html
Received on 2017-09-07