<p>George Joseph <strong>merged</strong> this change.</p><p><a href="https://gerrit.asterisk.org/9053">View Change</a></p><div style="white-space:pre-wrap">Approvals:
Joshua Colp: Looks good to me, but someone else must approve
George Joseph: Looks good to me, approved; Approved for Submit
</div><pre style="font-family: monospace,monospace; white-space: pre-wrap;">tcptls: Allow OpenSSL 1.1.x configured with enable-ssl3-method no-deprecated.<br><br>ASTERISK-27874<br><br>Change-Id: Ica65113511c7a1c13f7988e7d9e7d9e7f3f620dd<br>---<br>M main/tcptls.c<br>1 file changed, 5 insertions(+), 5 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;">diff --git a/main/tcptls.c b/main/tcptls.c<br>index 23a6a2e..bd89bdd 100644<br>--- a/main/tcptls.c<br>+++ b/main/tcptls.c<br>@@ -448,14 +448,14 @@<br> ERR_error_string(sslerr, err), ssl_error_to_string(sslerr, res));<br> }<br> <br>-#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)<br>+#if !defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x10100000L)<br> if (!SSL_is_server(stream->ssl)) {<br> #else<br> if (!stream->ssl->server) {<br> #endif<br> /* For client threads, ensure that the error stack is cleared */<br>-#if !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)<br>-#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10000000L<br>+#if defined(LIBRESSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x10100000L)<br>+#if OPENSSL_VERSION_NUMBER >= 0x10000000L<br> ERR_remove_thread_state(NULL);<br> #else<br> ERR_remove_state(0);<br>@@ -901,13 +901,13 @@<br> cfg->ssl_ctx = SSL_CTX_new(SSLv2_client_method());<br> } else<br> #endif<br>-#ifndef OPENSSL_NO_SSL3_METHOD<br>+#if !defined(OPENSSL_NO_SSL3_METHOD) && !(defined(OPENSSL_API_COMPAT) && (OPENSSL_API_COMPAT >= 0x10100000L))<br> if (ast_test_flag(&cfg->flags, AST_SSL_SSLV3_CLIENT)) {<br> ast_log(LOG_WARNING, "Usage of SSLv3 is discouraged due to known vulnerabilities. Please use 'tlsv1' or leave the TLS method unspecified!\n");<br> cfg->ssl_ctx = SSL_CTX_new(SSLv3_client_method());<br> } else<br> #endif<br>-#if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x10100000L)<br>+#if OPENSSL_VERSION_NUMBER >= 0x10100000L<br> cfg->ssl_ctx = SSL_CTX_new(TLS_client_method());<br> #else<br> if (ast_test_flag(&cfg->flags, AST_SSL_TLSV1_CLIENT)) {<br></pre><p>To view, visit <a href="https://gerrit.asterisk.org/9053">change 9053</a>. To unsubscribe, visit <a href="https://gerrit.asterisk.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://gerrit.asterisk.org/9053"/><meta itemprop="name" content="View Change"/></div></div>
<div style="display:none"> Gerrit-Project: asterisk </div>
<div style="display:none"> Gerrit-Branch: 13 </div>
<div style="display:none"> Gerrit-MessageType: merged </div>
<div style="display:none"> Gerrit-Change-Id: Ica65113511c7a1c13f7988e7d9e7d9e7f3f620dd </div>
<div style="display:none"> Gerrit-Change-Number: 9053 </div>
<div style="display:none"> Gerrit-PatchSet: 1 </div>
<div style="display:none"> Gerrit-Owner: Alexander Traud <pabstraud@compuserve.com> </div>
<div style="display:none"> Gerrit-Reviewer: George Joseph <gjoseph@digium.com> </div>
<div style="display:none"> Gerrit-Reviewer: Jenkins2 </div>
<div style="display:none"> Gerrit-Reviewer: Joshua Colp <jcolp@digium.com> </div>