net/asterisk: Fix build when SSLv3 method is N/A (LibreSSL)

Approved by: SSL blanket P.S. Why is this port still in the tree? It expired in April 2016.
svn path=/head/; revision=421930
2024-12-12 03:00:28 +00:00 · 2016-09-12 15:34:22 +00:00 · 2016-09-12 15:34:22 +00:00 · a8ec6663ce · 2021-03-31 03:12:20 +00:00
commit a8ec6663ce
parent 3f0427cf06
1 changed files with 17 additions and 0 deletions
--- a/net/asterisk/files/patch-main_tcptls.c
+++ b/net/asterisk/files/patch-main_tcptls.c
@ -0,0 +1,17 @@
+--- main/tcptls.c.orig	2015-04-08 18:53:07.000000000 +0200
+++ main/tcptls.c	2015-09-23 21:30:28.092457300 +0200
+@@ -768,10 +768,13 @@ static int __ssl_setup(struct ast_tls_co
+ 			cfg->ssl_ctx = SSL_CTX_new(SSLv2_client_method());
+ 		} else
+ #endif
+#ifndef OPENSSL_NO_SSL3
+ 		if (ast_test_flag(&cfg->flags, AST_SSL_SSLV3_CLIENT)) {
+ 			ast_log(LOG_WARNING, "Usage of SSLv3 is discouraged due to known vulnerabilities. Please use 'tlsv1' or leave the TLS method unspecified!\n");
+ 			cfg->ssl_ctx = SSL_CTX_new(SSLv3_client_method());
+-		} else if (ast_test_flag(&cfg->flags, AST_SSL_TLSV1_CLIENT)) {
+		} else 
+#endif
+		if (ast_test_flag(&cfg->flags, AST_SSL_TLSV1_CLIENT)) {
+ 			cfg->ssl_ctx = SSL_CTX_new(TLSv1_client_method());
+ 		} else {
+ 			disable_ssl = 1;