diff options
| author | Linus Nordberg <linus@nordu.net> | 2016-03-06 23:17:32 +0100 |
|---|---|---|
| committer | Linus Nordberg <linus@nordu.net> | 2016-03-06 23:17:32 +0100 |
| commit | be31ab4659438bba66e0b2765c522c33219fa8cc (patch) | |
| tree | f123e45e4378f64974373be6de34ed6d10389b12 | |
| parent | 025ef1f2343f05fa0f0fcd4cecae8ac0f3d64022 (diff) | |
Use TLS_method() for new SSL context if it exists.
| -rw-r--r-- | tlscommon.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/tlscommon.c b/tlscommon.c index 39eaf20..ee81d71 100644 --- a/tlscommon.c +++ b/tlscommon.c @@ -203,8 +203,14 @@ static SSL_CTX *tlscreatectx(uint8_t type, struct tls *conf) { switch (type) { #ifdef RADPROT_TLS case RAD_TLS: - ctx = SSL_CTX_new(SSLv23_method()); +#if OPENSSL_VERSION_NUMBER >= 0x10100000 + /* TLS_method() was introduced in OpenSSL 1.1.0. */ + ctx = SSL_CTX_new(TLS_method()); +#else + /* No TLS_method(), use SSLv23_method() and disable SSLv2 and SSLv3. */ + ctx = SSL_CTX_new(SSLv23_method()); SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); +#endif #ifdef DEBUG SSL_CTX_set_info_callback(ctx, ssl_info_callback); #endif |