tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #7352 from Icinga/bugfix/tls-bionic-x86 

Only include SSL_CTX_set_ecdh_auto for OpenSSL < 1.1.0
This commit is contained in:
Michael Friedrich 2019-07-23 18:50:13 +02:00 committed by GitHub
parent f1e820ae7b 0fd2fc0a4f
commit ffa3187c46
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
lib/base/tlsutility.cpp
View File

@ -85,9 +85,12 @@ static void SetupSslContext(const std::shared_ptr<boost::asio::ssl::context>& co
SSL_CTX_set_session_id_context(sslContext, (const unsigned char *)"Icinga 2", 8);
// Explicitly load ECC ciphers, required on el7 - https://github.com/Icinga/icinga2/issues/7247
#ifdef SSL_CTX_set_ecdh_auto
// SSL_CTX_set_ecdh_auto is deprecated and removed in OpenSSL 1.1.x - https://github.com/openssl/openssl/issues/1437
#if OPENSSL_VERSION_NUMBER < 0x10100000L
# ifdef SSL_CTX_set_ecdh_auto
SSL_CTX_set_ecdh_auto(sslContext, 1);
#endif /* SSL_CTX_set_ecdh_auto */
# endif /* SSL_CTX_set_ecdh_auto */
#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
if (!pubkey.IsEmpty()) {
if (!SSL_CTX_use_certificate_chain_file(sslContext, pubkey.CStr())) {