Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove unused SSLv3_method #23791

Merged
merged 1 commit into from Sep 5, 2017

Conversation

@janvorli
Copy link
Member

commented Sep 5, 2017

This API is not used anymore, so remove it from the openssl shim.

Remove unused SSLv3_method
This API is not used anymore, so remove it from the openssl shim.
@janvorli

This comment has been minimized.

Copy link
Member Author

commented Sep 5, 2017

@dotnet-bot test UWP CoreCLR x64 Debug Build

@bartonjs

This comment has been minimized.

Copy link
Member

commented Sep 5, 2017

Do we know at what point this became dead code? IIRC there was a kerfuffle when we last tried removing SSLv3 support.

@stephentoub

This comment has been minimized.

Copy link
Member

commented Sep 5, 2017

Do we know at what point this became dead code?

I believe here:
#21996

@janvorli

This comment has been minimized.

Copy link
Member Author

commented Sep 5, 2017

@bartonjs it doesn't remove SSL3 support. The SSLv23_method still uses SSL3 and only falls back to SSL2. I've found the following doc here: https://www.openssl.org/docs/man1.0.2/ssl/SSLv3_method.html

SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()
A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. A client will send out SSLv3 client hello messages and will indicate that it only understands SSLv3. A server will only understand SSLv3 client hello messages. The SSLv3 protocol is deprecated and should not be used.

SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()
These are the general-purpose version-flexible SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv2, SSLv3, TLSv1, TLSv1.1 and TLSv1.2. Most applications should use these method, and avoid the version specific methods described below.

@stephentoub stephentoub merged commit 53a72a7 into dotnet:master Sep 5, 2017

10 of 11 checks passed

NETFX x86 Release Build Build finished.
Details
CROSS Check Build finished.
Details
Linux arm Release Build Build finished.
Details
Linux x64 Release Build Build finished.
Details
OSX x64 Debug Build Build finished.
Details
Packaging All Configurations x64 Debug Build Build finished.
Details
Tizen armel Debug Build Build finished.
Details
UWP CoreCLR x64 Debug Build Build finished.
Details
UWP NETNative x86 Release Build Build finished.
Details
Windows x64 Debug Build Build finished.
Details
Windows x86 Release Build Build finished.
Details

@karelz karelz modified the milestone: 2.1.0 Sep 6, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
5 participants
You can’t perform that action at this time.