From 91abf2b83082f60c1d36e09d3a7078463b8c9e56 Mon Sep 17 00:00:00 2001 From: Oswald Buddenhagen Date: Sun, 28 Jul 2019 12:02:30 +0200 Subject: [PATCH] modernize ssl context init with openssl 1.1+, use TLS_client_method() instead of the deprecated SSLv23_client_method(). --- src/socket.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/socket.c b/src/socket.c index 2e9ae72..eae3b74 100644 --- a/src/socket.c +++ b/src/socket.c @@ -210,7 +210,12 @@ init_ssl_ctx( const server_conf_t *conf ) if (conf->SSLContext) return conf->ssl_ctx_valid; - mconf->SSLContext = SSL_CTX_new( SSLv23_client_method() ); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + const SSL_METHOD *method = TLS_client_method(); +#else + const SSL_METHOD *method = SSLv23_client_method(); +#endif + mconf->SSLContext = SSL_CTX_new( method ); if (!(conf->ssl_versions & SSLv3)) options |= SSL_OP_NO_SSLv3;