commit 64c1d38664e13dcd4a21413d877820f6ee656d0d
parent 9e16924a7c79d928ff1b075b0105ec3c73cd0040
Author: Nick Mathewson <nickm@torproject.org>
Date: Tue, 6 May 2025 08:25:25 -0400
openssl: Use TLS_method unconditionally.
Every version of openssl/libressl we support has this.
Diffstat:
2 files changed, 1 insertion(+), 7 deletions(-)
diff --git a/configure.ac b/configure.ac
@@ -1128,8 +1128,7 @@ AC_CHECK_FUNCS([ \
SSL_CIPHER_find \
SSL_CTX_set1_groups_list \
SSL_CTX_set_security_level \
- SSL_get_client_ciphers \
- TLS_method \
+ SSL_get_client_ciphers
])
fi # enable_nss
diff --git a/src/lib/tls/tortls_openssl.c b/src/lib/tls/tortls_openssl.c
@@ -507,13 +507,8 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
#endif /* 0 */
/* Tell OpenSSL to use TLS 1.0 or later but not SSL2 or SSL3. */
-#ifdef HAVE_TLS_METHOD
if (!(result->ctx = SSL_CTX_new(TLS_method())))
goto error;
-#else
- if (!(result->ctx = SSL_CTX_new(SSLv23_method())))
- goto error;
-#endif /* defined(HAVE_TLS_METHOD) */
#ifdef HAVE_SSL_CTX_SET_SECURITY_LEVEL
/* Level 1 re-enables RSA1024 and DH1024 for compatibility with old tors */
