tls (common): don't use TLS servername if openssl < 1.0.0

- TLS extensions and more specifically server_name support have appeared between openssl 0.9.8l and 1.0.0.
2600hz-archive · Apr 23, 2009 · 0705191 · 0705191
1 parent 024a23e
commit 0705191
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 1 deletion.
diff --git a/modules/tls/tls_init.c b/modules/tls/tls_init.c
@@ -84,6 +84,11 @@ to compile on the  _target_ system)"
 #endif /* OPENSSL_VERSION_NUMBER */
 #endif /* TLS_KSSL_WORKARROUND */
 
+/* openssl < 1. 0 */
+#if OPENSSL_VERSION_NUMBER < 0x01000000L
+#	warning "openssl < 1.0: no TLS extensions or server name support"
+#endif /* OPENSSL_VERION < 1.0 */
+
 
 
 #ifndef OPENSSL_NO_COMP

diff --git a/modules/tls/tls_init.h b/modules/tls/tls_init.h
@@ -36,6 +36,11 @@
 #include "../../ip_addr.h"
 #include "tls_domain.h"
 
+/* openssl < 1. 0 */
+#if OPENSSL_VERSION_NUMBER < 0x01000000L
+/* alternative: check ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME */
+#define OPENSSL_NO_TLSEXT
+#endif /* OPENSSL_VERION < 1.0 */
 #ifndef OPENSSL_NO_KRB5
 /* enable workarround for openssl kerberos wrong malloc bug
  * (kssl code uses libc malloc/free/calloc instead of OPENSSL_malloc & 

diff --git a/modules/tls/tls_select.c b/modules/tls/tls_select.c
@@ -39,6 +39,7 @@
 #include "tls_server.h"
 #include "tls_select.h"
 #include "tls_mod.h"
+#include "tls_init.h" /* features macros */
 
 enum {
 	CERT_LOCAL = 1,   /* Select local certificate */
@@ -932,7 +933,7 @@ static int sel_cert(str* res, select_t* s, struct sip_msg* msg)
 
 
 #ifdef OPENSSL_NO_TLSEXT
-static int get_tlsext_sn(str* res, int type, sip_msg_t* msg)
+static int get_tlsext_sn(str* res, sip_msg_t* msg)
 {
 	ERR("TLS extension 'server name' is not available! "
 		"please install openssl with TLS extension support and recompile "