From e1a4390b9cfcee4b87cb2b170c9e032ecc0dde22 Mon Sep 17 00:00:00 2001
From: "Alexander A. Klimov" <alexander.klimov@icinga.com>
Date: Wed, 3 Jan 2024 13:18:29 +0100
Subject: [PATCH] Fix compile error on OpenBSD which has no
 SSL_OP_NO_RENEGOTIATION

---
 lib/base/tlsutility.cpp | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/base/tlsutility.cpp b/lib/base/tlsutility.cpp
index 246bd5aee..fb60e0221 100644
--- a/lib/base/tlsutility.cpp
+++ b/lib/base/tlsutility.cpp
@@ -93,7 +93,9 @@ static void InitSslContext(const Shared<boost::asio::ssl::context>::Ptr& context
 
 	flags |= SSL_OP_CIPHER_SERVER_PREFERENCE;
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#ifdef LIBRESSL_VERSION_NUMBER
+	flags |= SSL_OP_NO_CLIENT_RENEGOTIATION;
+#elif OPENSSL_VERSION_NUMBER < 0x10100000L
 	SSL_CTX_set_info_callback(sslContext, [](const SSL* ssl, int where, int) {
 		if (where & SSL_CB_HANDSHAKE_DONE) {
 			ssl->s3->flags |= SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS;