tcptls: use TLS_client_method with OpenSSL 1.1
OpenSSL 1.1 introduced TLS_client_method() and deprecated the previous version-specific methods (such as TLSv1_client_method(). Other than being simpler to use and more correct (gain support for TLS newer that TLS1, in our case), the older ones produce a deprecation warning that fails the build in dev-mode. Change-Id: I257b1c8afd09dcb0d96cda3a41cb9f7a15d0ba07
This commit is contained in:
parent
2c8d0764de
commit
bc041ca14a
|
@ -324,12 +324,16 @@ static int __ssl_setup(struct ast_tls_config *cfg, int client)
|
|||
cfg->ssl_ctx = SSL_CTX_new(SSLv3_client_method());
|
||||
} else
|
||||
#endif
|
||||
#if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x10100000L)
|
||||
cfg->ssl_ctx = SSL_CTX_new(TLS_client_method());
|
||||
#else
|
||||
if (ast_test_flag(&cfg->flags, AST_SSL_TLSV1_CLIENT)) {
|
||||
cfg->ssl_ctx = SSL_CTX_new(TLSv1_client_method());
|
||||
} else {
|
||||
disable_ssl = 1;
|
||||
cfg->ssl_ctx = SSL_CTX_new(SSLv23_client_method());
|
||||
}
|
||||
#endif
|
||||
} else {
|
||||
disable_ssl = 1;
|
||||
cfg->ssl_ctx = SSL_CTX_new(SSLv23_server_method());
|
||||
|
|
Loading…
Reference in New Issue