[sr-dev] git:master:3b0b03c9: tls: exclude TLSv1.3 from OpenSSL > 1.1.0 < 1.1.1 for Debian stretch

Henning Westerholt hw at gilawa.com
Fri Aug 19 09:13:05 CEST 2022 

Module: kamailio
Branch: master
Commit: 3b0b03c921945000b2c0f97810061fee58faf77d
URL: https://github.com/kamailio/kamailio/commit/3b0b03c921945000b2c0f97810061fee58faf77d

Author: Henning Westerholt <hw at gilawa.com>
Committer: Henning Westerholt <hw at gilawa.com>
Date: 2022-08-19T07:10:45Z

tls: exclude TLSv1.3 from OpenSSL > 1.1.0 < 1.1.1 for Debian stretch

---

Modified: src/modules/tls/tls_init.c

---

Diff:  https://github.com/kamailio/kamailio/commit/3b0b03c921945000b2c0f97810061fee58faf77d.diff
Patch: https://github.com/kamailio/kamailio/commit/3b0b03c921945000b2c0f97810061fee58faf77d.patch

---

diff --git a/src/modules/tls/tls_init.c b/src/modules/tls/tls_init.c
index 9bbd0acb83..e6d0060d41 100644
--- a/src/modules/tls/tls_init.c
+++ b/src/modules/tls/tls_init.c
@@ -463,6 +463,7 @@ static void init_ssl_methods(void)
 	sr_tls_methods[TLS_USE_TLSv1_2 - 1].TLSMethodMin = TLS1_2_VERSION;
 	sr_tls_methods[TLS_USE_TLSv1_2 - 1].TLSMethodMax = TLS1_2_VERSION;
 
+#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(LIBRESSL_VERSION_NUMBER)
 	sr_tls_methods[TLS_USE_TLSv1_3_cli - 1].TLSMethod = TLS_client_method();
 	sr_tls_methods[TLS_USE_TLSv1_3_cli - 1].TLSMethodMin = TLS1_3_VERSION;
 	sr_tls_methods[TLS_USE_TLSv1_3_cli - 1].TLSMethodMax = TLS1_3_VERSION;
@@ -472,6 +473,7 @@ static void init_ssl_methods(void)
 	sr_tls_methods[TLS_USE_TLSv1_3 - 1].TLSMethod = TLS_method();
 	sr_tls_methods[TLS_USE_TLSv1_3 - 1].TLSMethodMin = TLS1_3_VERSION;
 	sr_tls_methods[TLS_USE_TLSv1_3 - 1].TLSMethodMax = TLS1_3_VERSION;
+#endif
 
 	/* ranges of TLS versions (require a minimum TLS version) */
 	sr_tls_methods[TLS_USE_TLSv1_PLUS - 1].TLSMethod = TLS_method();
@@ -483,8 +485,10 @@ static void init_ssl_methods(void)
 	sr_tls_methods[TLS_USE_TLSv1_2_PLUS - 1].TLSMethod = TLS_method();
 	sr_tls_methods[TLS_USE_TLSv1_2_PLUS - 1].TLSMethodMin = TLS1_2_VERSION;
 
+#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(LIBRESSL_VERSION_NUMBER)
 	sr_tls_methods[TLS_USE_TLSv1_3_PLUS - 1].TLSMethod = TLS_method();
 	sr_tls_methods[TLS_USE_TLSv1_3_PLUS - 1].TLSMethodMin = TLS1_3_VERSION;
+#endif
 
 #endif
 }

More information about the sr-dev mailing list