Mercurial > dovecot > core-2.2
changeset 22857:e614a9cc7616
login-common,lib-ssl-iostream: Use SSL_CTX_set_ecdh_auto
This macro is same for 1.0.2 and 1.1.0 and libressl.
author | Aki Tuomi <aki.tuomi@dovecot.fi> |
---|---|
date | Mon, 19 Feb 2018 09:54:09 +0200 |
parents | e47f61de06b7 |
children | aa3c9a064b17 |
files | src/lib-ssl-iostream/iostream-openssl-context.c src/login-common/ssl-proxy-openssl.c |
diffstat | 2 files changed, 7 insertions(+), 7 deletions(-) [+] |
line wrap: on
line diff
--- a/src/lib-ssl-iostream/iostream-openssl-context.c Sun Feb 18 18:11:18 2018 +0200 +++ b/src/lib-ssl-iostream/iostream-openssl-context.c Mon Feb 19 09:54:09 2018 +0200 @@ -378,7 +378,7 @@ return 0; } -#if defined(HAVE_ECDH) && !defined(SSL_CTRL_SET_ECDH_AUTO) +#if defined(HAVE_ECDH) && !defined(SSL_CTX_set_ecdh_auto) static int ssl_proxy_ctx_get_pkey_ec_curve_name(const struct ssl_iostream_settings *set, int *nid_r, const char **error_r) @@ -412,7 +412,7 @@ const struct ssl_iostream_settings *set ATTR_UNUSED, const char **error_r ATTR_UNUSED) { -#if defined(HAVE_ECDH) && !defined(SSL_CTRL_SET_ECDH_AUTO) +#if defined(HAVE_ECDH) && !defined(SSL_CTX_set_ecdh_auto) EC_KEY *ecdh; int nid; const char *curve_name; @@ -425,7 +425,7 @@ used instead of ECDHE, do not reuse the same ECDH key pair for different sessions. This option improves forward secrecy. */ SSL_CTX_set_options(ssl_ctx, SSL_OP_SINGLE_ECDH_USE); -#ifdef SSL_CTRL_SET_ECDH_AUTO +#ifdef SSL_CTX_set_ecdh_auto /* OpenSSL >= 1.0.2 automatically handles ECDH temporary key parameter selection. */ if (!SSL_CTX_set_ecdh_auto(ssl_ctx, 1)) {
--- a/src/login-common/ssl-proxy-openssl.c Sun Feb 18 18:11:18 2018 +0200 +++ b/src/login-common/ssl-proxy-openssl.c Mon Feb 19 09:54:09 2018 +0200 @@ -134,7 +134,7 @@ static void ssl_proxy_ctx_set_crypto_params(SSL_CTX *ssl_ctx, const struct master_service_ssl_settings *set); -#if defined(HAVE_ECDH) && !defined(SSL_CTRL_SET_ECDH_AUTO) +#if defined(HAVE_ECDH) && !defined(SSL_CTX_set_ecdh_auto) static int ssl_proxy_ctx_get_pkey_ec_curve_name(const struct master_service_ssl_settings *set); #endif @@ -1051,7 +1051,7 @@ ssl_proxy_ctx_set_crypto_params(SSL_CTX *ssl_ctx, const struct master_service_ssl_settings *set ATTR_UNUSED) { -#if defined(HAVE_ECDH) && !defined(SSL_CTRL_SET_ECDH_AUTO) +#if defined(HAVE_ECDH) && !defined(SSL_CTX_set_ecdh_auto) EC_KEY *ecdh; int nid; const char *curve_name; @@ -1064,7 +1064,7 @@ used instead of ECDHE, do not reuse the same ECDH key pair for different sessions. This option improves forward secrecy. */ SSL_CTX_set_options(ssl_ctx, SSL_OP_SINGLE_ECDH_USE); -#ifdef SSL_CTRL_SET_ECDH_AUTO +#ifdef SSL_CTX_set_ecdh_auto /* OpenSSL >= 1.0.2 automatically handles ECDH temporary key parameter selection. */ SSL_CTX_set_ecdh_auto(ssl_ctx, 1); @@ -1157,7 +1157,7 @@ } } -#if defined(HAVE_ECDH) && !defined(SSL_CTRL_SET_ECDH_AUTO) +#if defined(HAVE_ECDH) && !defined(SSL_CTX_set_ecdh_auto) static int ssl_proxy_ctx_get_pkey_ec_curve_name(const struct master_service_ssl_settings *set) {