tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Only include SSL_CTX_set_ecdh_auto for OpenSSL < 1.1.0

This commit is contained in:
Michael Friedrich 2019-07-23 17:39:02 +02:00
parent 34ccc3802a
commit 0fd2fc0a4f
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
lib/base/tlsutility.cpp
View File

@ -85,9 +85,12 @@ static void SetupSslContext(const std::shared_ptr<boost::asio::ssl::context>& co
SSL_CTX_set_session_id_context(sslContext, (const unsigned char *)"Icinga 2", 8);
// Explicitly load ECC ciphers, required on el7 - https://github.com/Icinga/icinga2/issues/7247
#ifdef SSL_CTX_set_ecdh_auto
// SSL_CTX_set_ecdh_auto is deprecated and removed in OpenSSL 1.1.x - https://github.com/openssl/openssl/issues/1437
#if OPENSSL_VERSION_NUMBER < 0x10100000L
# ifdef SSL_CTX_set_ecdh_auto
SSL_CTX_set_ecdh_auto(sslContext, 1);
#endif /* SSL_CTX_set_ecdh_auto */
# endif /* SSL_CTX_set_ecdh_auto */
#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
if (!pubkey.IsEmpty()) {
if (!SSL_CTX_use_certificate_chain_file(sslContext, pubkey.CStr())) {