openssl: Use TLS_method unconditionally.

Every version of openssl/libressl we support has this.

diff --git a/configure.ac b/configure.ac
index d0585ca154774f289490c7f90f8d8dc8aa0671c9..4e73a848cc16942b27fd33b77d7caf50b823912f 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -1128,8 +1128,7 @@ AC_CHECK_FUNCS([ \
                SSL_CIPHER_find \
                SSL_CTX_set1_groups_list \
                SSL_CTX_set_security_level \
-               SSL_get_client_ciphers \
-               TLS_method \
+               SSL_get_client_ciphers
               ])
 
 fi # enable_nss

diff --git a/src/lib/tls/tortls_openssl.c b/src/lib/tls/tortls_openssl.c
index 8b238d7bda486824af197542afe8eb75c460d143..4c74085d64b87412e9036a3f9211bf3bbbdb851b 100644 (file)
--- a/src/lib/tls/tortls_openssl.c
+++ b/src/lib/tls/tortls_openssl.c
@@ -507,13 +507,8 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
 #endif /* 0 */
 
   /* Tell OpenSSL to use TLS 1.0 or later but not SSL2 or SSL3. */
-#ifdef HAVE_TLS_METHOD
   if (!(result->ctx = SSL_CTX_new(TLS_method())))
     goto error;
-#else
-  if (!(result->ctx = SSL_CTX_new(SSLv23_method())))
-    goto error;
-#endif /* defined(HAVE_TLS_METHOD) */
 
 #ifdef HAVE_SSL_CTX_SET_SECURITY_LEVEL
   /* Level 1 re-enables RSA1024 and DH1024 for compatibility with old tors */