- Fix remote control without certificate for LibreSSL

git-svn-id: file:///svn/unbound/trunk@3956 be551aaa-1e26-0410-a405-d3ace91eadb9

diff --git a/daemon/remote.c b/daemon/remote.c
index c303ce4ea1f09374c9cc0de95d518502b9066c3f..d4ac833e33d0d8445706dd5675240d5d762da557 100644 (file)
--- a/daemon/remote.c
+++ b/daemon/remote.c
@@ -146,7 +146,7 @@ timeval_divide(struct timeval* avg, const struct timeval* sum, size_t d)
  * the command : "openssl dhparam -C 2048"
  * (some openssl versions reject DH that is 'too small', eg. 512).
  */
-#if OPENSSL_VERSION_NUMBER < 0x10100000
+#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL)
 #ifndef S_SPLINT_S
 static DH *get_dh2048(void)
 {
@@ -256,7 +256,7 @@ daemon_remote_create(struct config_file* cfg)
 
                /* in openssl 1.1, the securitylevel 0 allows eNULL, that
                 * does not need the DH */
-#if OPENSSL_VERSION_NUMBER < 0x10100000
+#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL)
                /* Since we have no certificates and hence no source of
                 * DH params, let's generate and set them
                 */

diff --git a/doc/Changelog b/doc/Changelog
index e668c0f7a77b1a62d89614fca2be4f216edb8b5c..2c83abb189597c19c66d500506ea6f1254064737 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,5 +1,6 @@
 7 December 2016: Ralph
        - Add DSA support for OpenSSL 1.1.0
+       - Fix remote control without cert for LibreSSL
 
 6 December 2016: George
        - Added generic EDNS code for registering known EDNS option codes,