Remove IceSSL.SecurityLevel property

The security level can be set without this property by adding
@SECLEVEL=n in the cipher string

2 files changed, 22 insertions, 30 deletions

diff --git a/cpp/test/IceSSL/configuration/AllTests.cpp b/cpp/test/IceSSL/configuration/AllTests.cpp
index 0065e96ab33..5ca5d2a0de5 100644
--- a/cpp/test/IceSSL/configuration/AllTests.cpp
+++ b/cpp/test/IceSSL/configuration/AllTests.cpp
@@ -9,6 +9,9 @@
 
 #include <Ice/Ice.h>
 #include <IceSSL/Plugin.h>
+#if ICE_USE_OPENSSL
+#  include <openssl/ssl.h> // Required for OPENSSL_VERSION_NUMBER
+#endif
 #include <TestCommon.h>
 #include <Test.h>
 #include <fstream>
@@ -20,6 +23,17 @@
 using namespace std;
 using namespace Ice;
 
+#ifdef ICE_USE_OPENSSL
+//
+// With OpenSSL 1.1.0 we need to set SECLEVEL=0 to allow ADH ciphers
+//
+#  if OPENSSL_VERSION_NUMBER >= 0x10100000L
+const string anonCiphers = "ADH:@SECLEVEL=0";
+#  else
+const string anonCiphers = "ADH";
+#  endif
+#endif
+
 void
 readFile(const string& file, vector<char>& buffer)
 {
@@ -476,11 +490,7 @@ allTests(const CommunicatorPtr& communicator, const string& testDir, bool p12, b
         initData.properties = createClientProps(defaultProps, defaultDir, defaultHost, p12);
         initData.properties->setProperty("Ice.InitPlugins", "0");
 #  ifdef ICE_USE_OPENSSL
-        //
-        // With OpenSSL 1.1.0 we need to set SECLEVEL=0 to allow ADH ciphers
-        //
-        initData.properties->setProperty("IceSSL.SecurityLevel", "0");
-        initData.properties->setProperty("IceSSL.Ciphers", "ADH");
+        initData.properties->setProperty("IceSSL.Ciphers", anonCiphers);
 #  else
         initData.properties->setProperty("IceSSL.Ciphers", "DH_anon_WITH_AES_256_CBC_SHA");
 #  endif
@@ -493,11 +503,7 @@ allTests(const CommunicatorPtr& communicator, const string& testDir, bool p12, b
         Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(obj);
         Test::Properties d = createServerProps(defaultProps, defaultDir, defaultHost, p12);
 #  ifdef ICE_USE_OPENSSL
-        //
-        // With OpenSSL 1.1.0 we need to set SECLEVEL=0 to allow ADH ciphers
-        //
-        d["IceSSL.SecurityLevel"] = "0";
-        d["IceSSL.Ciphers"] = "ADH";
+        d["IceSSL.Ciphers"] = anonCiphers;
 #  else
         d["IceSSL.Ciphers"] = "DH_anon_WITH_AES_256_CBC_SHA";
 #  endif
@@ -1205,11 +1211,7 @@ allTests(const CommunicatorPtr& communicator, const string& testDir, bool p12, b
         InitializationData initData;
         initData.properties = createClientProps(defaultProps, defaultDir, defaultHost, p12);
 #  ifdef ICE_USE_OPENSSL
-        //
-        // With OpenSSL 1.1.0 we need to set SECLEVEL=0 to allow ADH ciphers
-        //
-        initData.properties->setProperty("IceSSL.SecurityLevel", "0");
-        initData.properties->setProperty("IceSSL.Ciphers", "ADH");
+        initData.properties->setProperty("IceSSL.Ciphers", anonCiphers);
 #  else
         initData.properties->setProperty("IceSSL.Ciphers", "(DH_anon*)");
 #  endif
@@ -1224,12 +1226,8 @@ allTests(const CommunicatorPtr& communicator, const string& testDir, bool p12, b
         test(fact);
         Test::Properties d = createServerProps(defaultProps, defaultDir, defaultHost, p12);
 #  ifdef ICE_USE_OPENSSL
-        //
-        // With OpenSSL 1.1.0 we need to set SECLEVEL=0 to allow ADH ciphers
-        //
         string cipherSub = "ADH-";
-        d["IceSSL.SecurityLevel"] = "0";
-        d["IceSSL.Ciphers"] = "ADH";
+        d["IceSSL.Ciphers"] = anonCiphers;
 #  else
         string cipherSub = "DH_anon";
         d["IceSSL.Ciphers"] = "(DH_anon*)";
@@ -1816,11 +1814,7 @@ allTests(const CommunicatorPtr& communicator, const string& testDir, bool p12, b
         InitializationData initData;
         initData.properties = createClientProps(defaultProps, defaultDir, defaultHost, p12);
 #  ifdef ICE_USE_OPENSSL
-        //
-        // With OpenSSL 1.1.0 we need to set SECLEVEL=0 to allow ADH ciphers
-        //
-        initData.properties->setProperty("IceSSL.SecurityLevel", "0");
-        initData.properties->setProperty("IceSSL.Ciphers", "ADH");
+        initData.properties->setProperty("IceSSL.Ciphers", anonCiphers);
 #  else
         initData.properties->setProperty("IceSSL.Ciphers", "(DH_anon*)");
 #  endif
@@ -1829,12 +1823,8 @@ allTests(const CommunicatorPtr& communicator, const string& testDir, bool p12, b
         test(fact);
         Test::Properties d = createServerProps(defaultProps, defaultDir, defaultHost, p12, "s_rsa_ca1", "cacert1");
 #  ifdef ICE_USE_OPENSSL
-        //
-        // With OpenSSL 1.1.0 we need to set SECLEVEL=0 to allow ADH ciphers
-        //
-        d["IceSSL.SecurityLevel"] = "0";
         string cipherSub = "ADH-";
-        d["IceSSL.Ciphers"] = "RSA:ADH";
+        d["IceSSL.Ciphers"] = "RSA:" + anonCiphers;
 #  else
         string cipherSub = "DH_";
         d["IceSSL.Ciphers"] = "(RSA_*) (DH_anon*)";
diff --git a/cpp/test/IceSSL/configuration/Makefile b/cpp/test/IceSSL/configuration/Makefile
index 1c5d24f1cdf..489dcb2b4fe 100644
--- a/cpp/test/IceSSL/configuration/Makefile
+++ b/cpp/test/IceSSL/configuration/Makefile
@@ -35,6 +35,8 @@ CPPFLAGS	:= -I. -I../../include $(CPPFLAGS)
 
 ifeq ($(UNAME),Darwin)
 LINK_WITH = -framework Security -framework CoreFoundation
+else
+CPPFLAGS	+= $(OPENSSL_FLAGS)
 endif
 
 ifeq ($(UNAME),MINGW)