diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/openssl.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/src/openssl.c b/src/openssl.c index d679d92..652e38a 100644 --- a/src/openssl.c +++ b/src/openssl.c | |||
| @@ -258,6 +258,10 @@ | |||
| 258 | #define HAVE_SSL_CTX_SET_CURVES_LIST (OPENSSL_PREREQ(1,0,2) || LIBRESSL_PREREQ(2,5,1)) | 258 | #define HAVE_SSL_CTX_SET_CURVES_LIST (OPENSSL_PREREQ(1,0,2) || LIBRESSL_PREREQ(2,5,1)) |
| 259 | #endif | 259 | #endif |
| 260 | 260 | ||
| 261 | #ifndef HAVE_SSL_CTX_SET_ECDH_AUTO | ||
| 262 | #define HAVE_SSL_CTX_SET_ECDH_AUTO ((OPENSSL_PREREQ(1,0,2) && !OPENSSL_PREREQ(1,1,0)) || LIBRESSL_PREREQ(2,1,2)) | ||
| 263 | #endif | ||
| 264 | |||
| 261 | #ifndef HAVE_SSL_CTX_SET_ALPN_PROTOS | 265 | #ifndef HAVE_SSL_CTX_SET_ALPN_PROTOS |
| 262 | #define HAVE_SSL_CTX_SET_ALPN_PROTOS (OPENSSL_PREREQ(1,0,2) || LIBRESSL_PREREQ(2,1,3)) | 266 | #define HAVE_SSL_CTX_SET_ALPN_PROTOS (OPENSSL_PREREQ(1,0,2) || LIBRESSL_PREREQ(2,1,3)) |
| 263 | #endif | 267 | #endif |
| @@ -7575,6 +7579,15 @@ static int sx_new(lua_State *L) { | |||
| 7575 | 7579 | ||
| 7576 | SSL_CTX_set_options(*ud, options); | 7580 | SSL_CTX_set_options(*ud, options); |
| 7577 | 7581 | ||
| 7582 | #if HAVE_SSL_CTX_SET_ECDH_AUTO | ||
| 7583 | /* OpenSSL 1.0.2 introduced SSL_CTX_set_ecdh_auto to automatically select | ||
| 7584 | * from the curves set via SSL_CTX_set1_curves_list. However as of OpenSSL | ||
| 7585 | * 1.1.0, the functionality was turned on permanently and the option | ||
| 7586 | * removed. */ | ||
| 7587 | if (!SSL_CTX_set_ecdh_auto(*ud, 1)) | ||
| 7588 | return auxL_error(L, auxL_EOPENSSL, "ssl.context.new"); | ||
| 7589 | #endif | ||
| 7590 | |||
| 7578 | return 1; | 7591 | return 1; |
| 7579 | } /* sx_new() */ | 7592 | } /* sx_new() */ |
| 7580 | 7593 | ||