From 26c8552fff499419bdf12b663e76ecfc408b3085 Mon Sep 17 00:00:00 2001
From: Tzafrir Cohen <tzafrir.cohen@xorcom.com>
Date: Tue, 28 Jun 2016 23:26:59 +0200
Subject: OpenSSL 1.1.0 support

OpenSSL 1.1.0 includes some major changes in the interface. See
https://wiki.openssl.org/index.php/1.1_API_Changes .

Status: Right now there are still a few deprecation notes with OpenSSL
1.1.0. But it's a start.

Changes:
* CRYPTO_LOCK is no longer available. Replace it with its value for now.
  I don't completely understand what it is used for there.
* Remove several functions from libasteriskssl that seem to no longer be
  needed.
* Structures have become opaque and are accesses with accessors.
* ERR_remove_thread_state() no longer needed.
* SSLv2 code now could no longer be used in 1.1.

ASTERISK-26109 #close

Change-Id: I5e29d477d486ca29b6aae0dc2f5dff960c1cb82b
---
 main/tcptls.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'main/tcptls.c')

diff --git a/main/tcptls.c b/main/tcptls.c
index c8ebab434..6b040ae3e 100644
--- a/main/tcptls.c
+++ b/main/tcptls.c
@@ -310,7 +310,7 @@ static int __ssl_setup(struct ast_tls_config *cfg, int client)
 	}
 
 	if (client) {
-#ifndef OPENSSL_NO_SSL2
+#if !defined(OPENSSL_NO_SSL2) && (OPENSSL_VERSION_NUMBER < 0x10100000L)
 		if (ast_test_flag(&cfg->flags, AST_SSL_SSLV2_CLIENT)) {
 			ast_log(LOG_WARNING, "Usage of SSLv2 is discouraged due to known vulnerabilities. Please use 'tlsv1' or leave the TLS method unspecified!\n");
 			cfg->ssl_ctx = SSL_CTX_new(SSLv2_client_method());
-- 
cgit v1.2.3