[Asterisk-code-review] tcptls: use TLS client method with OpenSSL 1.1 (asterisk[14])

Joshua Colp asteriskteam at digium.com
Wed Feb 15 08:46:37 CST 2017 

Joshua Colp has submitted this change and it was merged. ( https://gerrit.asterisk.org/4952 )

Change subject: tcptls: use TLS_client_method with OpenSSL 1.1
......................................................................


tcptls: use TLS_client_method with OpenSSL 1.1

OpenSSL 1.1 introduced TLS_client_method() and deprecated the previous
version-specific methods (such as TLSv1_client_method(). Other than
being simpler to use and more correct (gain support for TLS newer that
TLS1, in our case), the older ones produce a deprecation warning that
fails the build in dev-mode.

ASTERISK-26109 #close

Change-Id: I257b1c8afd09dcb0d96cda3a41cb9f7a15d0ba07
---
M main/tcptls.c
1 file changed, 4 insertions(+), 0 deletions(-)

Approvals:
  George Joseph: Looks good to me, approved
  Anonymous Coward #1000019: Verified
  Joshua Colp: Looks good to me, but someone else must approve



diff --git a/main/tcptls.c b/main/tcptls.c
index c49379c..f3108ae 100644
--- a/main/tcptls.c
+++ b/main/tcptls.c
@@ -850,12 +850,16 @@
 			cfg->ssl_ctx = SSL_CTX_new(SSLv3_client_method());
 		} else
 #endif
+#if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER  >= 0x10100000L)
+		cfg->ssl_ctx = SSL_CTX_new(TLS_client_method());
+#else
 		if (ast_test_flag(&cfg->flags, AST_SSL_TLSV1_CLIENT)) {
 			cfg->ssl_ctx = SSL_CTX_new(TLSv1_client_method());
 		} else {
 			disable_ssl = 1;
 			cfg->ssl_ctx = SSL_CTX_new(SSLv23_client_method());
 		}
+#endif
 	} else {
 		disable_ssl = 1;
 		cfg->ssl_ctx = SSL_CTX_new(SSLv23_server_method());

-- 
To view, visit https://gerrit.asterisk.org/4952
To unsubscribe, visit https://gerrit.asterisk.org/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I257b1c8afd09dcb0d96cda3a41cb9f7a15d0ba07
Gerrit-PatchSet: 1
Gerrit-Project: asterisk
Gerrit-Branch: 14
Gerrit-Owner: Tzafrir Cohen <tzafrir.cohen at xorcom.com>
Gerrit-Reviewer: Anonymous Coward #1000019
Gerrit-Reviewer: George Joseph <gjoseph at digium.com>
Gerrit-Reviewer: Joshua Colp <jcolp at digium.com>

More information about the asterisk-code-review mailing list