diff options
| author | Kazuki Yamaguchi <k@rhe.jp> | 2020-08-06 15:35:30 +0900 |
|---|---|---|
| committer | Kazuki Yamaguchi <k@rhe.jp> | 2021-04-04 23:28:21 +0900 |
| commit | 3b7d7045b8df7871fe17209d7fb07911f9428b5d (patch) | |
| tree | ec2bcea26f035cf1b28f2f4884c660a8d2ccfd9c /ext | |
| parent | 2ae8f212343387992f1bd2e55e33672051a4840e (diff) | |
| download | ruby-openssl-3b7d7045b8df7871fe17209d7fb07911f9428b5d.tar.gz | |
ssl: use TLS_method() instead of SSLv23_method() for LibreSSL
LibreSSL 2.2.2 introduced TLS_method(), but with different semantics
from OpenSSL: TLS_method() enabled TLS >= 1.0 while SSLv23_method()
enabled all available versions, which included SSL 3.0 in addition.
However, LibreSSL 2.3.0 removed SSL 3.0 support completely and now
TLS_method() and SSLv23_method() are equivalent.
Diffstat (limited to 'ext')
| -rw-r--r-- | ext/openssl/ossl_ssl.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c index e1e0b913..76db821e 100644 --- a/ext/openssl/ossl_ssl.c +++ b/ext/openssl/ossl_ssl.c @@ -81,7 +81,7 @@ ossl_sslctx_s_alloc(VALUE klass) VALUE obj; obj = TypedData_Wrap_Struct(klass, &ossl_sslctx_type, 0); -#if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER) +#if OPENSSL_VERSION_NUMBER >= 0x10100000 || defined(LIBRESSL_VERSION_NUMBER) ctx = SSL_CTX_new(TLS_method()); #else ctx = SSL_CTX_new(SSLv23_method()); |