Fix build with older OpenSSL.

author Jeremy Harris <jgh146exb@wizmail.org>

Tue, 4 Oct 2022 18:11:03 +0000 (19:11 +0100)

committer Jeremy Harris <jgh146exb@wizmail.org>

Tue, 4 Oct 2022 18:11:03 +0000 (19:11 +0100)
author Jeremy Harris <jgh146exb@wizmail.org>
Tue, 4 Oct 2022 18:11:03 +0000 (19:11 +0100)
committer Jeremy Harris <jgh146exb@wizmail.org>
Tue, 4 Oct 2022 18:11:03 +0000 (19:11 +0100)
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c

index 9ddb16fc419b5340db74af341a1ddceb6147c5ac..b46c0c7fda545fd0a9b8860363201c3b7efe3cff 100644 (file)
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -48,6 +48,7 @@ functions from the OpenSSL library. */
  #if OPENSSL_VERSION_NUMBER >= 0x10100000L
  # define EXIM_HAVE_OCSP_RESP_COUNT
  # define OPENSSL_AUTO_SHA256
+# define OPENSSL_MIN_PROTO_VERSION
  #else
  # define EXIM_HAVE_EPHEM_RSA_KEX
  # define EXIM_HAVE_RAND_PSEUDO
@@ -2210,7 +2211,9 @@ already exists.  Might even need this selfsame callback, for reneg? */
    SSL_CTX * ctx = state_server.lib_state.lib_ctx;
    SSL_CTX_set_info_callback(server_sni, SSL_CTX_get_info_callback(ctx));
    SSL_CTX_set_mode(server_sni, SSL_CTX_get_mode(ctx));
+#ifdef OPENSSL_MIN_PROTO_VERSION
    SSL_CTX_set_min_proto_version(server_sni, SSL3_VERSION);
+#endif
    SSL_CTX_set_options(server_sni, SSL_CTX_get_options(ctx));
    SSL_CTX_clear_options(server_sni, ~SSL_CTX_get_options(ctx));
    SSL_CTX_set_timeout(server_sni, SSL_CTX_get_timeout(ctx));
@@ -2728,7 +2731,9 @@ if (init_options)
      }
  #endif
  
+#ifdef OPENSSL_MIN_PROTO_VERSION
    SSL_CTX_set_min_proto_version(ctx, SSL3_VERSION);
+#endif
    DEBUG(D_tls) debug_printf("setting  SSL CTX options: %016lx\n", init_options);
    SSL_CTX_set_options(ctx, init_options);
     {
author	Jeremy Harris <jgh146exb@wizmail.org>
	Tue, 4 Oct 2022 18:11:03 +0000 (19:11 +0100)
committer	Jeremy Harris <jgh146exb@wizmail.org>
	Tue, 4 Oct 2022 18:11:03 +0000 (19:11 +0100)