THRIFT-3736 C++ library build fails if OpenSSL does not surrpot SSLv3

This closes apache#944
ngrewe · Jan 31, 2017 · 33d62f4 · 33d62f4
1 parent 1180bb1
commit 33d62f4
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 0 deletions.
diff --git a/lib/cpp/src/thrift/transport/TSSLSocket.cpp b/lib/cpp/src/thrift/transport/TSSLSocket.cpp
@@ -151,8 +151,10 @@ static char uppercase(char c);
 SSLContext::SSLContext(const SSLProtocol& protocol) {
   if (protocol == SSLTLS) {
     ctx_ = SSL_CTX_new(SSLv23_method());
+#ifndef OPENSSL_NO_SSL3
   } else if (protocol == SSLv3) {
     ctx_ = SSL_CTX_new(SSLv3_method());
+#endif
   } else if (protocol == TLSv1_0) {
     ctx_ = SSL_CTX_new(TLSv1_method());
   } else if (protocol == TLSv1_1) {

diff --git a/lib/cpp/test/SecurityTest.cpp b/lib/cpp/test/SecurityTest.cpp
@@ -240,6 +240,14 @@ BOOST_AUTO_TEST_CASE(ssl_security_matrix)
                     continue;
                 }
 
+#ifdef OPENSSL_NO_SSL3
+                if (si == 2 || ci == 2)
+                {
+                    // Skip all SSLv3 cases - protocol not supported
+                    continue;
+                }
+#endif
+
                 boost::mutex::scoped_lock lock(mMutex);
 
                 BOOST_TEST_MESSAGE(boost::format("TEST: Server = %1%, Client = %2%")