2020-12-22 21:17:27 +01:00
|
|
|
diff --git a/openssl.c b/openssl.c
|
|
|
|
|
index b4e33fc..9d1eaf4 100644
|
|
|
|
|
--- a/openssl.c
|
|
|
|
|
+++ b/openssl.c
|
|
|
|
|
@@ -136,6 +136,7 @@ ssl_rand_init(void)
|
|
|
|
|
int state = 0;
|
2020-10-11 14:35:55 +02:00
|
|
|
|
2020-12-22 21:17:27 +01:00
|
|
|
if ((cp = value("ssl-rand-egd")) != NULL) {
|
|
|
|
|
+#ifndef OPENSSL_NO_EGD
|
|
|
|
|
cp = expand(cp);
|
|
|
|
|
if (RAND_egd(cp) == -1) {
|
|
|
|
|
fprintf(stderr, catgets(catd, CATSET, 245,
|
|
|
|
|
@@ -143,6 +144,9 @@ ssl_rand_init(void)
|
|
|
|
|
cp);
|
|
|
|
|
} else
|
|
|
|
|
state = 1;
|
|
|
|
|
+#else
|
|
|
|
|
+ fprintf(stderr, "entropy daemon not available\n");
|
2020-10-11 14:35:55 +02:00
|
|
|
+#endif
|
2020-12-22 21:17:27 +01:00
|
|
|
} else if ((cp = value("ssl-rand-file")) != NULL) {
|
|
|
|
|
cp = expand(cp);
|
|
|
|
|
if (RAND_load_file(cp, 1024) == -1) {
|
|
|
|
|
@@ -216,9 +220,16 @@ ssl_select_method(const char *uhp)
|
|
|
|
|
|
2020-10-11 14:35:55 +02:00
|
|
|
cp = ssl_method_string(uhp);
|
|
|
|
|
if (cp != NULL) {
|
|
|
|
|
- if (equal(cp, "ssl2"))
|
2020-12-22 21:17:27 +01:00
|
|
|
+ if (equal(cp, "ssl2")) {
|
|
|
|
|
+#if OPENSSL_VERSION_NUMBER < 0x10100000
|
|
|
|
|
method = SSLv2_client_method();
|
2020-10-11 14:35:55 +02:00
|
|
|
- else if (equal(cp, "ssl3"))
|
2020-12-22 21:17:27 +01:00
|
|
|
+#else
|
|
|
|
|
+ /* SSLv2 support was removed in OpenSSL 1.1.0 */
|
|
|
|
|
+ fprintf(stderr, catgets(catd, CATSET, 244,
|
|
|
|
|
+ "Unsupported SSL method \"%s\"\n"), cp);
|
|
|
|
|
+ method = SSLv23_client_method();
|
|
|
|
|
+#endif
|
|
|
|
|
+ } else if (equal(cp, "ssl3"))
|
2020-10-11 14:35:55 +02:00
|
|
|
method = SSLv3_client_method();
|
|
|
|
|
else if (equal(cp, "tls1"))
|
|
|
|
|
method = TLSv1_client_method();
|
