diff options
| author | Jeremy Harris <jgh146exb@wizmail.org> | 2022-10-04 19:11:03 +0100 |
|---|---|---|
| committer | Jeremy Harris <jgh146exb@wizmail.org> | 2022-10-04 19:11:03 +0100 |
| commit | 27e646d341ea843245b8305166686c2fd888bf0e (patch) | |
| tree | 9ee7d52d4f9c79c34d4601832eaa5cff91a7b937 | |
| parent | 96751ae76e6c6db435f5a4f141511d6f973b6583 (diff) | |
| download | exim4-27e646d341ea843245b8305166686c2fd888bf0e.tar.gz | |
Fix build with older OpenSSL.
Broken-by: 96751ae76e
| -rw-r--r-- | src/src/tls-openssl.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c index 9ddb16fc4..b46c0c7fd 100644 --- a/src/src/tls-openssl.c +++ b/src/src/tls-openssl.c @@ -48,6 +48,7 @@ functions from the OpenSSL library. */ #if OPENSSL_VERSION_NUMBER >= 0x10100000L # define EXIM_HAVE_OCSP_RESP_COUNT # define OPENSSL_AUTO_SHA256 +# define OPENSSL_MIN_PROTO_VERSION #else # define EXIM_HAVE_EPHEM_RSA_KEX # define EXIM_HAVE_RAND_PSEUDO @@ -2210,7 +2211,9 @@ already exists. Might even need this selfsame callback, for reneg? */ SSL_CTX * ctx = state_server.lib_state.lib_ctx; SSL_CTX_set_info_callback(server_sni, SSL_CTX_get_info_callback(ctx)); SSL_CTX_set_mode(server_sni, SSL_CTX_get_mode(ctx)); +#ifdef OPENSSL_MIN_PROTO_VERSION SSL_CTX_set_min_proto_version(server_sni, SSL3_VERSION); +#endif SSL_CTX_set_options(server_sni, SSL_CTX_get_options(ctx)); SSL_CTX_clear_options(server_sni, ~SSL_CTX_get_options(ctx)); SSL_CTX_set_timeout(server_sni, SSL_CTX_get_timeout(ctx)); @@ -2728,7 +2731,9 @@ if (init_options) } #endif +#ifdef OPENSSL_MIN_PROTO_VERSION SSL_CTX_set_min_proto_version(ctx, SSL3_VERSION); +#endif DEBUG(D_tls) debug_printf("setting SSL CTX options: %016lx\n", init_options); SSL_CTX_set_options(ctx, init_options); { |