diff options
Diffstat (limited to 'vespalib')
-rw-r--r-- | vespalib/src/vespa/vespalib/net/tls/impl/openssl_tls_context_impl.cpp | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/vespalib/src/vespa/vespalib/net/tls/impl/openssl_tls_context_impl.cpp b/vespalib/src/vespa/vespalib/net/tls/impl/openssl_tls_context_impl.cpp index c868f695b98..cff8c2621bc 100644 --- a/vespalib/src/vespa/vespalib/net/tls/impl/openssl_tls_context_impl.cpp +++ b/vespalib/src/vespa/vespalib/net/tls/impl/openssl_tls_context_impl.cpp @@ -88,7 +88,11 @@ void ensure_openssl_initialized_once() { BioPtr bio_from_string(vespalib::stringref str) { LOG_ASSERT(str.size() <= INT_MAX); +#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) BioPtr bio(::BIO_new_mem_buf(str.data(), static_cast<int>(str.size()))); +#else + BioPtr bio(::BIO_new_mem_buf(const_cast<char*>(str.data()), static_cast<int>(str.size()))); +#endif if (!bio) { throw CryptoException("BIO_new_mem_buf"); } @@ -222,14 +226,16 @@ void OpenSslTlsContextImpl::verify_private_key() { void OpenSslTlsContextImpl::enable_ephemeral_key_exchange() { // Always enabled by default on higher versions. -#if (OPENSSL_VERSION_NUMBER < 0x10100000L) +#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) && (OPENSSL_VERSION_NUMBER < 0x10100000L) // Auto curve selection is preferred over using SSL_CTX_set_ecdh_tmp if (!::SSL_CTX_set_ecdh_auto(_ctx, 1)) { throw CryptoException("SSL_CTX_set_ecdh_auto"); } -#endif // New ECDH key per connection. ::SSL_CTX_set_options(_ctx, SSL_OP_SINGLE_ECDH_USE); +#else + // TODO make this work on OpenSSL 1.0.1 as well +#endif } void OpenSslTlsContextImpl::disable_compression() { |