Fixes open-telemetry#2721

marcalff · Jun 27, 2024 · 489c0c0 · 489c0c0
1 parent 7701239
commit 489c0c0
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 31 deletions.
diff --git a/exporters/otlp/include/opentelemetry/exporters/otlp/otlp_environment.h b/exporters/otlp/include/opentelemetry/exporters/otlp/otlp_environment.h
@@ -111,7 +111,7 @@ std::string GetOtlpDefaultTracesSslTlsMaxVersion();
 std::string GetOtlpDefaultMetricsSslTlsMaxVersion();
 std::string GetOtlpDefaultLogsSslTlsMaxVersion();
 
-// For TLS 1.0, 1.1, 1.2
+// For TLS 1.2
 std::string GetOtlpDefaultTracesSslTlsCipher();
 std::string GetOtlpDefaultMetricsSslTlsCipher();
 std::string GetOtlpDefaultLogsSslTlsCipher();

diff --git a/ext/include/opentelemetry/ext/http/client/http_client.h b/ext/include/opentelemetry/ext/http/client/http_client.h
@@ -193,8 +193,6 @@ struct HttpSslOptions
     Minimum SSL version to use.
     Valid values are:
     - empty (no minimum version required)
-    - "1.0" (TLSv1.0)
-    - "1.1" (TLSv1.1)
     - "1.2" (TLSv1.2)
     - "1.3" (TLSv1.3)
   */
@@ -204,16 +202,14 @@ struct HttpSslOptions
     Maximum SSL version to use.
     Valid values are:
     - empty (no maximum version required)
-    - "1.0" (TLSv1.0)
-    - "1.1" (TLSv1.1)
     - "1.2" (TLSv1.2)
     - "1.3" (TLSv1.3)
   */
   std::string ssl_max_tls{};
 
   /**
     TLS Cipher.
-    This is for TLS 1.0, 1.1 and 1.2.
+    This is for TLS 1.2.
     The list is delimited by colons (":").
     Cipher names depends on the underlying CURL implementation.
   */

diff --git a/ext/src/http/client/curl/http_operation_curl.cc b/ext/src/http/client/curl/http_operation_curl.cc
@@ -414,16 +414,16 @@ void HttpOperation::Cleanup()
   To represent versions, the following symbols are needed:
 
   Added in CURL 7.34.0:
-  - CURL_SSLVERSION_TLSv1_0
-  - CURL_SSLVERSION_TLSv1_1
+  - CURL_SSLVERSION_TLSv1_0 (do not use)
+  - CURL_SSLVERSION_TLSv1_1 (do not use)
   - CURL_SSLVERSION_TLSv1_2
 
   Added in CURL 7.52.0:
   - CURL_SSLVERSION_TLSv1_3
 
   Added in CURL 7.54.0:
-  - CURL_SSLVERSION_MAX_TLSv1_0
-  - CURL_SSLVERSION_MAX_TLSv1_1
+  - CURL_SSLVERSION_MAX_TLSv1_0 (do not use)
+  - CURL_SSLVERSION_MAX_TLSv1_1 (do not use)
   - CURL_SSLVERSION_MAX_TLSv1_2
   - CURL_SSLVERSION_MAX_TLSv1_3
 
@@ -439,16 +439,6 @@ void HttpOperation::Cleanup()
 static long parse_min_ssl_version(std::string version)
 {
 #ifdef HAVE_TLS_VERSION
-  if (version == "1.0")
-  {
-    return CURL_SSLVERSION_TLSv1_0;
-  }
-
-  if (version == "1.1")
-  {
-    return CURL_SSLVERSION_TLSv1_1;
-  }
-
   if (version == "1.2")
   {
     return CURL_SSLVERSION_TLSv1_2;
@@ -466,16 +456,6 @@ static long parse_min_ssl_version(std::string version)
 static long parse_max_ssl_version(std::string version)
 {
 #ifdef HAVE_TLS_VERSION
-  if (version == "1.0")
-  {
-    return CURL_SSLVERSION_MAX_TLSv1_0;
-  }
-
-  if (version == "1.1")
-  {
-    return CURL_SSLVERSION_MAX_TLSv1_1;
-  }
-
   if (version == "1.2")
   {
     return CURL_SSLVERSION_MAX_TLSv1_2;
@@ -780,7 +760,7 @@ CURLcode HttpOperation::Setup()
 
     if (!ssl_options_.ssl_cipher.empty())
     {
-      /* TLS 1.0, 1.1, 1.2 */
+      /* TLS 1.2 */
       const char *cipher_list = ssl_options_.ssl_cipher.c_str();
 
       rc = SetCurlStrOption(CURLOPT_SSL_CIPHER_LIST, cipher_list);