Fix compiling with openssl < 1.1.1.
This commit is contained in:
parent
0632549ce9
commit
d3d6f3a980
@ -532,12 +532,19 @@ static int net__init_ssl_ctx(struct mosquitto *mosq)
|
||||
|
||||
if(!mosq->tls_version){
|
||||
SSL_CTX_set_options(mosq->ssl_ctx, SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1);
|
||||
#ifdef SSL_OP_NO_TLSv1_3
|
||||
}else if(!strcmp(mosq->tls_version, "tlsv1.3")){
|
||||
SSL_CTX_set_options(mosq->ssl_ctx, SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2);
|
||||
}else if(!strcmp(mosq->tls_version, "tlsv1.2")){
|
||||
SSL_CTX_set_options(mosq->ssl_ctx, SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_3);
|
||||
}else if(!strcmp(mosq->tls_version, "tlsv1.1")){
|
||||
SSL_CTX_set_options(mosq->ssl_ctx, SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3);
|
||||
#else
|
||||
}else if(!strcmp(mosq->tls_version, "tlsv1.2")){
|
||||
SSL_CTX_set_options(mosq->ssl_ctx, SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1);
|
||||
}else if(!strcmp(mosq->tls_version, "tlsv1.1")){
|
||||
SSL_CTX_set_options(mosq->ssl_ctx, SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_2);
|
||||
#endif
|
||||
}else{
|
||||
log__printf(mosq, MOSQ_LOG_ERR, "Error: Protocol %s not supported.", mosq->tls_version);
|
||||
COMPAT_CLOSE(mosq->sock);
|
||||
|
@ -328,12 +328,19 @@ static int mosquitto__tls_server_ctx(struct mosquitto__listener *listener)
|
||||
|
||||
if(listener->tls_version == NULL){
|
||||
SSL_CTX_set_options(listener->ssl_ctx, SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1);
|
||||
#ifdef SSL_OP_NO_TLSv1_3
|
||||
}else if(!strcmp(listener->tls_version, "tlsv1.3")){
|
||||
SSL_CTX_set_options(listener->ssl_ctx, SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2);
|
||||
}else if(!strcmp(listener->tls_version, "tlsv1.2")){
|
||||
SSL_CTX_set_options(listener->ssl_ctx, SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_3);
|
||||
}else if(!strcmp(listener->tls_version, "tlsv1.1")){
|
||||
SSL_CTX_set_options(listener->ssl_ctx, SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3);
|
||||
#else
|
||||
}else if(!strcmp(listener->tls_version, "tlsv1.2")){
|
||||
SSL_CTX_set_options(listener->ssl_ctx, SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1);
|
||||
}else if(!strcmp(listener->tls_version, "tlsv1.1")){
|
||||
SSL_CTX_set_options(listener->ssl_ctx, SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_2);
|
||||
#endif
|
||||
}else{
|
||||
log__printf(NULL, MOSQ_LOG_ERR, "Error: Unsupported tls_version \"%s\".", listener->tls_version);
|
||||
return 1;
|
||||
|
Loading…
Reference in New Issue
Block a user