SourceFormat Enforcement

[thirdparty/squid.git] / acinclude / lib-checks.m4

diff --git a/acinclude/lib-checks.m4 b/acinclude/lib-checks.m4
index 57932b1fb627c33ad583286b3582ccdd63f1e2c4..6579024a7997b683bdb6416d521be3193dee97bb 100644 (file)
--- a/acinclude/lib-checks.m4
+++ b/acinclude/lib-checks.m4
@@ -1,4 +1,4 @@
-## Copyright (C) 1996-2015 The Squid Software Foundation and contributors
+## Copyright (C) 1996-2017 The Squid Software Foundation and contributors
 ##
 ## Squid software is distributed under GPLv2+ license and includes
 ## contributions from numerous individuals and organizations.
@@ -93,7 +93,11 @@ AC_DEFUN([SQUID_CHECK_OPENSSL_GETCERTIFICATE_WORKS],[
     ],
     [
     SSLeay_add_ssl_algorithms();
-    SSL_CTX *sslContext = SSL_CTX_new(SSLv3_method());
+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
+    SSL_CTX *sslContext = SSL_CTX_new(TLS_method());
+#else
+    SSL_CTX *sslContext = SSL_CTX_new(SSLv23_method());
+#endif
     SSL *ssl = SSL_new(sslContext);
     X509* cert = SSL_get_certificate(ssl);
     return 0;
@@ -120,7 +124,11 @@ AC_DEFUN([SQUID_CHECK_OPENSSL_GETCERTIFICATE_WORKS],[
     ],
     [
     SSLeay_add_ssl_algorithms();
-    SSL_CTX *sslContext = SSL_CTX_new(SSLv3_method());
+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
+    SSL_CTX *sslContext = SSL_CTX_new(TLS_method());
+#else
+    SSL_CTX *sslContext = SSL_CTX_new(SSLv23_method());
+#endif
     X509 ***pCert = (X509 ***)sslContext->cert;
     X509 *sslCtxCert = pCert && *pCert ? **pCert : (X509 *)0x1;
     if (sslCtxCert != NULL)
@@ -289,11 +297,12 @@ AC_DEFUN([SQUID_CHECK_OPENSSL_HELLO_OVERWRITE_HACK],[
     ssl->init_num = 0;
     ssl->s3->wpend_ret = 0;
     ssl->s3->wpend_tot = 0;
+    SSL_CIPHER *cipher = 0;
+    assert(SSL_CIPHER_get_id(cipher));
     ])
   ],
   [
-   AC_DEFINE(SQUID_USE_OPENSSL_HELLO_OVERWRITE_HACK, 1)
-   AC_MSG_RESULT([yes])
+   AC_MSG_RESULT([possibly; to try, set SQUID_USE_OPENSSL_HELLO_OVERWRITE_HACK macro value to 1])
   ],
   [
    AC_MSG_RESULT([no])