Merged revisions 314251 via svnmerge from
authorLeif Madsen <leif@leifmadsen.com>
Tue, 19 Apr 2011 15:42:32 +0000 (15:42 +0000)
committerLeif Madsen <leif@leifmadsen.com>
Tue, 19 Apr 2011 15:42:32 +0000 (15:42 +0000)
https://origsvn.digium.com/svn/asterisk/branches/1.8

........
  r314251 | lmadsen | 2011-04-19 10:42:10 -0500 (Tue, 19 Apr 2011) | 8 lines

  Use SSLv23_client_method instead of old SSLv2 only.

  (closes issue #19095)
  (closes issue #19138)
  Reported by: tzafrir
  Patches:
        no_ssl2.diff uploaded by tzafrir (license 46)
  Tested by: russell, chazzam
........

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@314252 65c4cc65-6c06-0410-ace0-fbb531ad65f3

main/tcptls.c

index 4f0f08a..135f638 100644 (file)
@@ -297,9 +297,12 @@ static int __ssl_setup(struct ast_tls_config *cfg, int client)
        SSLeay_add_ssl_algorithms();
 
        if (client) {
+#ifndef OPENSSL_NO_SSL2
                if (ast_test_flag(&cfg->flags, AST_SSL_SSLV2_CLIENT)) {
                        cfg->ssl_ctx = SSL_CTX_new(SSLv2_client_method());
-               } else if (ast_test_flag(&cfg->flags, AST_SSL_SSLV3_CLIENT)) {
+               } else
+#endif
+               if (ast_test_flag(&cfg->flags, AST_SSL_SSLV3_CLIENT)) {
                        cfg->ssl_ctx = SSL_CTX_new(SSLv3_client_method());
                } else if (ast_test_flag(&cfg->flags, AST_SSL_TLSV1_CLIENT)) {
                        cfg->ssl_ctx = SSL_CTX_new(TLSv1_client_method());