kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-10-31 18:55:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

tcptls: use TLS_client_method with OpenSSL 1.1

Browse Source 
OpenSSL 1.1 introduced TLS_client_method() and deprecated the previous
version-specific methods (such as TLSv1_client_method(). Other than
being simpler to use and more correct (gain support for TLS newer that
TLS1, in our case), the older ones produce a deprecation warning that
fails the build in dev-mode.

Change-Id: I257b1c8afd09dcb0d96cda3a41cb9f7a15d0ba07
This commit is contained in:
Tzafrir Cohen
2017-01-21 07:59:15 +02:00
parent 2c8d0764de
commit bc041ca14a
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
main/tcptls.c
View File

@@ -324,12 +324,16 @@ static int __ssl_setup(struct ast_tls_config *cfg, int client)
cfg->ssl_ctx = SSL_CTX_new(SSLv3_client_method()); cfg->ssl_ctx = SSL_CTX_new(SSLv3_client_method());
} else } else
#endif #endif
#if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x10100000L)
cfg->ssl_ctx = SSL_CTX_new(TLS_client_method());
#else
if (ast_test_flag(&cfg->flags, AST_SSL_TLSV1_CLIENT)) { if (ast_test_flag(&cfg->flags, AST_SSL_TLSV1_CLIENT)) {
cfg->ssl_ctx = SSL_CTX_new(TLSv1_client_method()); cfg->ssl_ctx = SSL_CTX_new(TLSv1_client_method());
} else { } else {
disable_ssl = 1; disable_ssl = 1;
cfg->ssl_ctx = SSL_CTX_new(SSLv23_client_method()); cfg->ssl_ctx = SSL_CTX_new(SSLv23_client_method());
} }
#endif
} else { } else {
disable_ssl = 1; disable_ssl = 1;
cfg->ssl_ctx = SSL_CTX_new(SSLv23_server_method()); cfg->ssl_ctx = SSL_CTX_new(SSLv23_server_method());