diff --git a/lib/cpp/src/thrift/transport/TSSLSocket.cpp b/lib/cpp/src/thrift/transport/TSSLSocket.cpp index bd131602602..517151f7146 100644 --- a/lib/cpp/src/thrift/transport/TSSLSocket.cpp +++ b/lib/cpp/src/thrift/transport/TSSLSocket.cpp @@ -151,8 +151,10 @@ static char uppercase(char c); SSLContext::SSLContext(const SSLProtocol& protocol) { if (protocol == SSLTLS) { ctx_ = SSL_CTX_new(SSLv23_method()); +#ifndef OPENSSL_NO_SSL3 } else if (protocol == SSLv3) { ctx_ = SSL_CTX_new(SSLv3_method()); +#endif } else if (protocol == TLSv1_0) { ctx_ = SSL_CTX_new(TLSv1_method()); } else if (protocol == TLSv1_1) { diff --git a/lib/cpp/test/SecurityTest.cpp b/lib/cpp/test/SecurityTest.cpp index 9968e2c4785..23650d62801 100644 --- a/lib/cpp/test/SecurityTest.cpp +++ b/lib/cpp/test/SecurityTest.cpp @@ -240,6 +240,14 @@ BOOST_AUTO_TEST_CASE(ssl_security_matrix) continue; } +#ifdef OPENSSL_NO_SSL3 + if (si == 2 || ci == 2) + { + // Skip all SSLv3 cases - protocol not supported + continue; + } +#endif + boost::mutex::scoped_lock lock(mMutex); BOOST_TEST_MESSAGE(boost::format("TEST: Server = %1%, Client = %2%")