SSL_CTX_new can fail

SSLv23_ methods deprecated
This commit is contained in:
Sergio R. Caprile 2024-07-09 12:35:10 -03:00
parent a9902b55d8
commit 4dcc4e3308
2 changed files with 12 additions and 4 deletions

View File

@ -12567,8 +12567,12 @@ void mg_tls_init(struct mg_connection *c, const struct mg_tls_opts *opts) {
s_initialised++; s_initialised++;
} }
MG_DEBUG(("%lu Setting TLS", c->id)); MG_DEBUG(("%lu Setting TLS", c->id));
tls->ctx = c->is_client ? SSL_CTX_new(SSLv23_client_method()) tls->ctx = c->is_client ? SSL_CTX_new(TLS_client_method())
: SSL_CTX_new(SSLv23_server_method()); : SSL_CTX_new(TLS_server_method());
if (tls->ctx == NULL) {
mg_error(c, "SSL_CTX_new");
goto fail;
}
#ifdef MG_TLS_SSLKEYLOGFILE #ifdef MG_TLS_SSLKEYLOGFILE
SSL_CTX_set_keylog_callback(tls->ctx, ssl_keylog_cb); SSL_CTX_set_keylog_callback(tls->ctx, ssl_keylog_cb);
#endif #endif

View File

@ -134,8 +134,12 @@ void mg_tls_init(struct mg_connection *c, const struct mg_tls_opts *opts) {
s_initialised++; s_initialised++;
} }
MG_DEBUG(("%lu Setting TLS", c->id)); MG_DEBUG(("%lu Setting TLS", c->id));
tls->ctx = c->is_client ? SSL_CTX_new(SSLv23_client_method()) tls->ctx = c->is_client ? SSL_CTX_new(TLS_client_method())
: SSL_CTX_new(SSLv23_server_method()); : SSL_CTX_new(TLS_server_method());
if (tls->ctx == NULL) {
mg_error(c, "SSL_CTX_new");
goto fail;
}
#ifdef MG_TLS_SSLKEYLOGFILE #ifdef MG_TLS_SSLKEYLOGFILE
SSL_CTX_set_keylog_callback(tls->ctx, ssl_keylog_cb); SSL_CTX_set_keylog_callback(tls->ctx, ssl_keylog_cb);
#endif #endif