From 5c3190542792f6653b1104e65268130c96b7e0c8 Mon Sep 17 00:00:00 2001 From: jvelilla Date: Wed, 21 Jun 2017 18:34:07 -0300 Subject: [PATCH 1/3] Updated EWF http_network, websocket, httpd to use the latest EiffelNet SSL version. --- .../src/ssl/http_stream_secure_socket.e | 15 ++++++++------- .../websocket/client/src/ssl/web_socket_client.e | 4 +--- .../httpd/configuration/httpd_configuration_i.e | 9 +-------- library/server/httpd/ssl/httpd_configuration.e | 8 +------- 4 files changed, 11 insertions(+), 25 deletions(-) diff --git a/library/network/http_network/src/ssl/http_stream_secure_socket.e b/library/network/http_network/src/ssl/http_stream_secure_socket.e index bb49cd19..c14aec4f 100644 --- a/library/network/http_network/src/ssl/http_stream_secure_socket.e +++ b/library/network/http_network/src/ssl/http_stream_secure_socket.e @@ -54,12 +54,6 @@ feature -- Secure connection Helpers set_tls_protocol (v) end - set_secure_protocol_to_ssl_2_or_3 - -- Set `ssl_protocol' with `Ssl_23'. - do - set_secure_protocol ({SSL_PROTOCOL}.Ssl_23) - end - set_secure_protocol_to_tls_1_0 -- Set `ssl_protocol' with `Tls_1_0'. do @@ -176,7 +170,14 @@ feature -- Output end note - copyright: "2011-2013, Javier Velilla, Jocelyn Fiat and others" + copyright: "2011-2017, Jocelyn Fiat, Javier Velilla, Olivier Ligot, Colin Adams, Eiffel Software and others" license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)" + source: "[ + Eiffel Software + 5949 Hollister Ave., Goleta, CA 93117 USA + Telephone 805-685-1006, Fax 805-685-6869 + Website http://www.eiffel.com + Customer support http://support.eiffel.com + ]" end diff --git a/library/network/websocket/client/src/ssl/web_socket_client.e b/library/network/websocket/client/src/ssl/web_socket_client.e index 12dae408..d0639a62 100644 --- a/library/network/websocket/client/src/ssl/web_socket_client.e +++ b/library/network/websocket/client/src/ssl/web_socket_client.e 
@@ -26,9 +26,7 @@ feature -- Factory create l_secure.make_client_by_port (a_port, a_host) Result := l_secure if attached secure_protocol as l_prot then - if l_prot.is_case_insensitive_equal ("ssl_2_3") then - l_secure.set_secure_protocol_to_ssl_2_or_3 - elseif l_prot.is_case_insensitive_equal ("tls_1_0") then + if l_prot.is_case_insensitive_equal ("tls_1_0") then l_secure.set_secure_protocol_to_tls_1_0 elseif l_prot.is_case_insensitive_equal ("tls_1_1") then l_secure.set_secure_protocol_to_tls_1_1 diff --git a/library/server/httpd/configuration/httpd_configuration_i.e b/library/server/httpd/configuration/httpd_configuration_i.e index 74503928..61e702a9 100644 --- a/library/server/httpd/configuration/httpd_configuration_i.e +++ b/library/server/httpd/configuration/httpd_configuration_i.e @@ -297,9 +297,7 @@ feature -- Element change set_secure_protocol_from_string (a_ssl_version: READABLE_STRING_GENERAL) -- Set `secure_protocol' with `a_ssl_version' do - if a_ssl_version.is_case_insensitive_equal ("ssl_2_3") then - set_secure_protocol_to_ssl_2_or_3 - elseif a_ssl_version.is_case_insensitive_equal ("tls_1_0") then + if a_ssl_version.is_case_insensitive_equal ("tls_1_0") then set_secure_protocol_to_tls_1_0 elseif a_ssl_version.is_case_insensitive_equal ("tls_1_1") then set_secure_protocol_to_tls_1_1 @@ -314,11 +312,6 @@ feature -- Element change feature -- SSL Helpers - set_secure_protocol_to_ssl_2_or_3 - -- Set `secure_protocol' with `Ssl_23'. - deferred - end - set_secure_protocol_to_tls_1_0 -- Set `secure_protocol' with `Tls_1_0'. deferred diff --git a/library/server/httpd/ssl/httpd_configuration.e b/library/server/httpd/ssl/httpd_configuration.e index 1a5d1961..e0901a1a 100644 --- a/library/server/httpd/ssl/httpd_configuration.e +++ b/library/server/httpd/ssl/httpd_configuration.e 
@@ -35,12 +35,6 @@ feature -- Access feature -- SSL Helpers - set_secure_protocol_to_ssl_2_or_3 - -- Set `secure_protocol' with `Ssl_23'. - do - set_secure_protocol ({SSL_PROTOCOL}.Ssl_23) - end - set_secure_protocol_to_tls_1_0 -- Set `secure_protocol' with `Tls_1_0'. do @@ -67,7 +61,7 @@ feature -- SSL Helpers note - copyright: "2011-2014, Jocelyn Fiat, Javier Velilla, Eiffel Software and others" + copyright: "2011-2017, Jocelyn Fiat, Javier Velilla, Eiffel Software and others" license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)" source: "[ Eiffel Software From dbf5e76047f40288afd3f27600afb8cb265cc4bf Mon Sep 17 00:00:00 2001 From: jvelilla Date: Thu, 22 Jun 2017 10:23:56 -0300 Subject: [PATCH 2/3] Updated EWF network and httpd libraries. Updated features using ssl_2 and ssl_3 as obsolete and raise a developer exception. --- .../src/ssl/http_stream_secure_socket.e | 15 ++++++++++- .../client/src/ssl/web_socket_client.e | 4 ++- .../configuration/httpd_configuration_i.e | 25 +++++++++++++------ .../server/httpd/ssl/httpd_configuration.e | 13 ++++++++++ 4 files changed, 47 insertions(+), 10 deletions(-) diff --git a/library/network/http_network/src/ssl/http_stream_secure_socket.e b/library/network/http_network/src/ssl/http_stream_secure_socket.e index c14aec4f..9ada51f8 100644 --- a/library/network/http_network/src/ssl/http_stream_secure_socket.e +++ b/library/network/http_network/src/ssl/http_stream_secure_socket.e 
@@ -54,7 +54,20 @@ feature -- Secure connection Helpers set_tls_protocol (v) end - set_secure_protocol_to_tls_1_0 + set_secure_protocol_to_ssl_2_or_3 + -- Set `ssl_protocol' with `Ssl_23'. + -- Protocol not supported anymore. + obsolete + "Use set_secure_protocol_to_tls_1_2 [2017-11-30]." + local + err: DEVELOPER_EXCEPTION + do + create err + err.set_description ("SSL_2 or SSL_3 are not supported anymore, upgrate to TLS set_secure_protocol_to_tls_1_2") + err.raise + end + + set_secure_protocol_to_tls_1_0 -- Set `ssl_protocol' with `Tls_1_0'. do set_secure_protocol ({SSL_PROTOCOL}.Tls_1_0) diff --git a/library/network/websocket/client/src/ssl/web_socket_client.e b/library/network/websocket/client/src/ssl/web_socket_client.e index d0639a62..2ae681e2 100644 --- a/library/network/websocket/client/src/ssl/web_socket_client.e +++ b/library/network/websocket/client/src/ssl/web_socket_client.e @@ -26,7 +26,9 @@ feature -- Factory create l_secure.make_client_by_port (a_port, a_host) Result := l_secure if attached secure_protocol as l_prot then - if l_prot.is_case_insensitive_equal ("tls_1_0") then + if l_prot.is_case_insensitive_equal ("ssl_2_3") then + l_secure.set_secure_protocol_to_ssl_2_or_3 + elseif l_prot.is_case_insensitive_equal ("tls_1_0") then l_secure.set_secure_protocol_to_tls_1_0 elseif l_prot.is_case_insensitive_equal ("tls_1_1") then l_secure.set_secure_protocol_to_tls_1_1 diff --git a/library/server/httpd/configuration/httpd_configuration_i.e b/library/server/httpd/configuration/httpd_configuration_i.e index 61e702a9..403d8cfc 100644 --- a/library/server/httpd/configuration/httpd_configuration_i.e +++ b/library/server/httpd/configuration/httpd_configuration_i.e @@ -167,7 +167,7 @@ feature -- Element change end set_socket_timeout (a_nb_seconds: like socket_timeout) - -- Set `socket_timeout' with `a_nb_seconds' + -- Set `socket_timeout' with `a_nb_seconds'. do socket_timeout := a_nb_seconds ensure 
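Review bot: The header comment on the re-added `set_secure_protocol_to_ssl_2_or_3` still reads "Set ssl_protocol with Ssl_23", but the body now only creates and raises a DEVELOPER_EXCEPTION, so the comment should say that instead, e.g. `-- Always raises: SSL 2 and SSL 3 are no longer supported.`. The description string contains a typo ("upgrate") and is hard to read for whoever hits it at run time; `"SSL 2 and SSL 3 are no longer supported; use set_secure_protocol_to_tls_1_2"` would be clearer. Failing loudly rather than quietly selecting another protocol is the right behaviour for a removed insecure option, and the comment is the place to say so. The same comment and message are repeated in the `httpd_configuration.e` hunk of this patch and carried through the re-indentation in patch 3/3.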
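Review bot: The restored `"ssl_2_3"` branch calls `l_secure.set_secure_protocol_to_ssl_2_or_3`, which this same patch marks obsolete and makes raise unconditionally, so library code now depends on an obsolete feature purely to produce an error. That will presumably produce an obsolete-call warning when the library is compiled, and the exception surfaces from inside the socket factory after `Result` has already been assigned. Consider rejecting the value where `secure_protocol` is set, or at least documenting it on the factory feature with a comment such as `-- A secure_protocol of "ssl_2_3" is rejected with a DEVELOPER_EXCEPTION.`. The rest of the if-chain, including the handling of an unrecognised string, lies outside this hunk.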
@@ -175,7 +175,7 @@ feature -- Element change end set_socket_recv_timeout (a_nb_seconds: like socket_recv_timeout) - -- Set `socket_recv_timeout' with `a_nb_seconds' + -- Set `socket_recv_timeout' with `a_nb_seconds'. do socket_recv_timeout := a_nb_seconds ensure @@ -183,7 +183,7 @@ feature -- Element change end set_keep_alive_timeout (a_seconds: like keep_alive_timeout) - -- Set `keep_alive_timeout' with `a_seconds' + -- Set `keep_alive_timeout' with `a_seconds'. do keep_alive_timeout := a_seconds ensure @@ -191,7 +191,7 @@ feature -- Element change end set_max_keep_alive_requests (nb: like max_keep_alive_requests) - -- Set `max_keep_alive_requests' with `nb' + -- Set `max_keep_alive_requests' with `nb'. do max_keep_alive_requests := nb ensure @@ -254,7 +254,7 @@ feature -- Element change end mark_secure - -- Set is_secure in True + -- Set is_secure in True. do set_is_secure (True) ensure @@ -287,7 +287,7 @@ feature -- Element change end set_secure_protocol (a_version: NATURAL) - -- Set `secure_protocol' with `a_version' + -- Set `secure_protocol' with `a_version'. do secure_protocol := a_version ensure @@ -295,9 +295,11 @@ feature -- Element change end set_secure_protocol_from_string (a_ssl_version: READABLE_STRING_GENERAL) - -- Set `secure_protocol' with `a_ssl_version' + -- Set `secure_protocol' with `a_ssl_version'. do - if a_ssl_version.is_case_insensitive_equal ("tls_1_0") then + if a_ssl_version.is_case_insensitive_equal ("ssl_2_3") then + set_secure_protocol_to_ssl_2_or_3 + elseif a_ssl_version.is_case_insensitive_equal ("tls_1_0") then set_secure_protocol_to_tls_1_0 elseif a_ssl_version.is_case_insensitive_equal ("tls_1_1") then set_secure_protocol_to_tls_1_1 
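Review bot: `set_secure_protocol_from_string` receives a configuration value, and its header comment does not say that `"ssl_2_3"` now leads to an exception in the SSL-enabled configuration class rather than to a protocol being set. A comment such as `-- "ssl_2_3" is no longer accepted; the SSL implementation raises a DEVELOPER_EXCEPTION for it.` would tell operators why a previously valid setting now fails. The `"tls_1_0"` and `"tls_1_1"` branches stay selectable; both protocol versions are themselves deprecated (RFC 8996), so the same comment could name `tls_1_2` as the recommended value. The end of the if-chain, and therefore the treatment of unrecognised strings, is outside the hunk.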
@@ -312,6 +314,13 @@ feature -- Element change feature -- SSL Helpers + set_secure_protocol_to_ssl_2_or_3 + -- Set `secure_protocol' with `Ssl_23'. + obsolete + "Use set_secure_protocol_to_tls_1_0 [2017-11-30]." + deferred + end + set_secure_protocol_to_tls_1_0 -- Set `secure_protocol' with `Tls_1_0'. deferred diff --git a/library/server/httpd/ssl/httpd_configuration.e b/library/server/httpd/ssl/httpd_configuration.e index e0901a1a..1e5dc7e3 100644 --- a/library/server/httpd/ssl/httpd_configuration.e +++ b/library/server/httpd/ssl/httpd_configuration.e @@ -35,6 +35,19 @@ feature -- Access feature -- SSL Helpers + set_secure_protocol_to_ssl_2_or_3 + -- Set `ssl_protocol' with `Ssl_23'. + -- Protocol not supported anymore. + obsolete + "Use set_secure_protocol_to_tls_1_2 [2017-11-30]." + local + err: DEVELOPER_EXCEPTION + do + create err + err.set_description ("SSL_2 or SSL_3 are not supported anymore, upgrate to TLS set_secure_protocol_to_tls_1_2") + err.raise + end + set_secure_protocol_to_tls_1_0 -- Set `secure_protocol' with `Tls_1_0'. do From 02383810b492c9294e3f3217269dff74c1452c8e Mon Sep 17 00:00:00 2001 From: jvelilla Date: Fri, 23 Jun 2017 09:51:59 -0300 Subject: [PATCH 3/3] Fixed bad identation Updated date to current date in obsolte message. --- .../src/ssl/http_stream_secure_socket.e | 8 +++---- .../client/src/ssl/web_socket_client.e | 4 ++-- .../configuration/httpd_configuration_i.e | 6 ++--- .../server/httpd/ssl/httpd_configuration.e | 22 +++++++++---------- 4 files changed, 20 insertions(+), 20 deletions(-) diff --git a/library/network/http_network/src/ssl/http_stream_secure_socket.e b/library/network/http_network/src/ssl/http_stream_secure_socket.e index 9ada51f8..4b78bc7a 100644 --- a/library/network/http_network/src/ssl/http_stream_secure_socket.e +++ b/library/network/http_network/src/ssl/http_stream_secure_socket.e 
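Review bot: The deferred `set_secure_protocol_to_ssl_2_or_3` keeps the comment "Set secure_protocol with Ssl_23", although the only effective version visible in this series raises a DEVELOPER_EXCEPTION instead of setting anything. Because this declaration is the contract that descendants implement, the comment should state the expected behaviour, e.g. `-- Reject the request: SSL 2 and SSL 3 are no longer supported.`. Any other effective descendant of this class (none is shown in this patch) would then be expected to fail in the same way rather than silently doing nothing or falling back to a default protocol.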
@@ -57,14 +57,14 @@ feature -- Secure connection Helpers set_secure_protocol_to_ssl_2_or_3 -- Set `ssl_protocol' with `Ssl_23'. -- Protocol not supported anymore. - obsolete - "Use set_secure_protocol_to_tls_1_2 [2017-11-30]." + obsolete + "Use set_secure_protocol_to_tls_1_2 [2017-06-23]." local err: DEVELOPER_EXCEPTION do create err - err.set_description ("SSL_2 or SSL_3 are not supported anymore, upgrate to TLS set_secure_protocol_to_tls_1_2") - err.raise + err.set_description ("SSL_2 or SSL_3 are not supported anymore, upgrate to TLS set_secure_protocol_to_tls_1_2") + err.raise end set_secure_protocol_to_tls_1_0 diff --git a/library/network/websocket/client/src/ssl/web_socket_client.e b/library/network/websocket/client/src/ssl/web_socket_client.e index 2ae681e2..12dae408 100644 --- a/library/network/websocket/client/src/ssl/web_socket_client.e +++ b/library/network/websocket/client/src/ssl/web_socket_client.e @@ -27,8 +27,8 @@ feature -- Factory Result := l_secure if attached secure_protocol as l_prot then if l_prot.is_case_insensitive_equal ("ssl_2_3") then - l_secure.set_secure_protocol_to_ssl_2_or_3 - elseif l_prot.is_case_insensitive_equal ("tls_1_0") then + l_secure.set_secure_protocol_to_ssl_2_or_3 + elseif l_prot.is_case_insensitive_equal ("tls_1_0") then l_secure.set_secure_protocol_to_tls_1_0 elseif l_prot.is_case_insensitive_equal ("tls_1_1") then l_secure.set_secure_protocol_to_tls_1_1 diff --git a/library/server/httpd/configuration/httpd_configuration_i.e b/library/server/httpd/configuration/httpd_configuration_i.e index 403d8cfc..f02c35e6 100644 --- a/library/server/httpd/configuration/httpd_configuration_i.e +++ b/library/server/httpd/configuration/httpd_configuration_i.e 
@@ -298,8 +298,8 @@ feature -- Element change -- Set `secure_protocol' with `a_ssl_version'. do if a_ssl_version.is_case_insensitive_equal ("ssl_2_3") then - set_secure_protocol_to_ssl_2_or_3 - elseif a_ssl_version.is_case_insensitive_equal ("tls_1_0") then + set_secure_protocol_to_ssl_2_or_3 + elseif a_ssl_version.is_case_insensitive_equal ("tls_1_0") then set_secure_protocol_to_tls_1_0 elseif a_ssl_version.is_case_insensitive_equal ("tls_1_1") then set_secure_protocol_to_tls_1_1 @@ -317,7 +317,7 @@ feature -- SSL Helpers set_secure_protocol_to_ssl_2_or_3 -- Set `secure_protocol' with `Ssl_23'. obsolete - "Use set_secure_protocol_to_tls_1_0 [2017-11-30]." + "Use set_secure_protocol_to_tls_1_2 [2017-06-23]." deferred end diff --git a/library/server/httpd/ssl/httpd_configuration.e b/library/server/httpd/ssl/httpd_configuration.e index 1e5dc7e3..2b088fc1 100644 --- a/library/server/httpd/ssl/httpd_configuration.e +++ b/library/server/httpd/ssl/httpd_configuration.e @@ -36,17 +36,17 @@ feature -- Access feature -- SSL Helpers set_secure_protocol_to_ssl_2_or_3 - -- Set `ssl_protocol' with `Ssl_23'. - -- Protocol not supported anymore. - obsolete - "Use set_secure_protocol_to_tls_1_2 [2017-11-30]." - local - err: DEVELOPER_EXCEPTION - do - create err - err.set_description ("SSL_2 or SSL_3 are not supported anymore, upgrate to TLS set_secure_protocol_to_tls_1_2") - err.raise - end + -- Set `ssl_protocol' with `Ssl_23'. + -- Protocol not supported anymore. + obsolete + "Use set_secure_protocol_to_tls_1_2 [2017-06-23]." + local + err: DEVELOPER_EXCEPTION + do + create err + err.set_description ("SSL_2 or SSL_3 are not supported anymore, upgrate to TLS set_secure_protocol_to_tls_1_2") + err.raise + end set_secure_protocol_to_tls_1_0 -- Set `secure_protocol' with `Tls_1_0'.