Hi,
>
>> --- openvpn-2.4.5/src/openvpn/openssl_compat.h.orig 2018-02-28
>> 21:56:54.000000000 +0100
>> +++ openvpn-2.4.5/src/openvpn/openssl_compat.h 2018-03-01 11:44:57.000000000
>> +0100
>> @@ -672,14 +672,18 @@
>> {
>> return TLS1_VERSION;
>> }
>> +#ifdef SSL_OP_NO_TLSv1_1
>> if (!(sslopt & SSL_OP_NO_TLSv1_1))
>> {
>> return TLS1_1_VERSION;
>> }
>> +#endif
>> +#ifdef SSL_OP_NO_TLSv1_2
>> if (!(sslopt & SSL_OP_NO_TLSv1_2))
>> {
>> return TLS1_2_VERSION;
>> }
>> +#endif
>> return 0;
>> }
>>
>> #endif /* SSL_CTX_get_min_proto_version */
>
> These ifdefs are needed for older openssl (e.g., 0.9.8), but how did we miss
> it?
>
> Turns out commit 2d705accea3e538a555631ef7c39eb4bc4fd4acf cherry-picked
> from f8a92a4393a was not fully ripe..
>
> As we do not support Windows build using pre 1.0 openssl, this is the
> only change needed. So ACK, assuming a commit message and Author: may
> be slapped on during merge.
>
> Acked-by: Selva Nair <selva.n...@gmail.com>
Forgot to add: 2.4 only. Master is good as is.
Selva
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
