Browse Source

Support OpenSSL 1.0

AlpnError::ALERT_FATAL has been added in OpenSSL 1.1.0, hence build will
fail on any previous version. This commit allows older versions to fall
back to AlpnError::NOACK instead.
pull/5/head
Rodolphe Breard 6 years ago
parent
commit
c632f952ed
  1. 9
      tacd/src/server.rs

9
tacd/src/server.rs

@ -1,12 +1,17 @@
use acme_common::error::Error; use acme_common::error::Error;
use log::debug; use log::debug;
use openssl::pkey::{PKey, Private}; use openssl::pkey::{PKey, Private};
use openssl::ssl::{self, SslAcceptor, SslMethod};
use openssl::ssl::{self, AlpnError, SslAcceptor, SslMethod};
use openssl::x509::X509; use openssl::x509::X509;
use std::net::TcpListener; use std::net::TcpListener;
use std::sync::Arc; use std::sync::Arc;
use std::thread; use std::thread;
#[cfg(ossl110)]
const ALPN_ERROR: AlpnError = AlpnError::ALERT_FATAL;
#[cfg(not(ossl110))]
const ALPN_ERROR: AlpnError = AlpnError::NOACK;
pub fn start( pub fn start(
listen_addr: &str, listen_addr: &str,
certificate: &X509, certificate: &X509,
@ -16,7 +21,7 @@ pub fn start(
acceptor.set_alpn_select_callback(|_, client| { acceptor.set_alpn_select_callback(|_, client| {
debug!("ALPN negociation"); debug!("ALPN negociation");
ssl::select_next_proto(crate::ALPN_ACME_PROTO_NAME, client) ssl::select_next_proto(crate::ALPN_ACME_PROTO_NAME, client)
.ok_or(ssl::AlpnError::ALERT_FATAL)
.ok_or(ALPN_ERROR)
}); });
acceptor.set_private_key(private_key)?; acceptor.set_private_key(private_key)?;
acceptor.set_certificate(certificate)?; acceptor.set_certificate(certificate)?;

Loading…
Cancel
Save