On Thu, Mar 1, 2018 at 6:14 AM, Simon Matter <simon.mat...@invoca.ch> wrote: > Hi, > > I've just done some test builds with 2.4.5 tagged version. > > Attached patch makes it build with older systems. Do you see any issue > with the change?
.. from the attachment > --- openvpn-2.4.5/src/openvpn/openssl_compat.h.orig 2018-02-28 > 21:56:54.000000000 +0100 > +++ openvpn-2.4.5/src/openvpn/openssl_compat.h 2018-03-01 11:44:57.000000000 > +0100 > @@ -672,14 +672,18 @@ > { > return TLS1_VERSION; > } > +#ifdef SSL_OP_NO_TLSv1_1 > if (!(sslopt & SSL_OP_NO_TLSv1_1)) > { > return TLS1_1_VERSION; > } > +#endif > +#ifdef SSL_OP_NO_TLSv1_2 > if (!(sslopt & SSL_OP_NO_TLSv1_2)) > { > return TLS1_2_VERSION; > } > +#endif > return 0; > } > > #endif /* SSL_CTX_get_min_proto_version */ These ifdefs are needed for older openssl (e.g., 0.9.8), but how did we miss it? Turns out commit 2d705accea3e538a555631ef7c39eb4bc4fd4acf cherry-picked from f8a92a4393a was not fully ripe.. As we do not support Windows build using pre 1.0 openssl, this is the only change needed. So ACK, assuming a commit message and Author: may be slapped on during merge. Acked-by: Selva Nair <selva.n...@gmail.com> Selva ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel