From: Steffan Karger <steffan@karger.me>
Date: Fri, 4 Nov 2016 20:03:44 +0000 (+0100)
Subject: Fix --tls-version-max in mbed TLS builds
X-Git-Tag: v2.4_beta1~43
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8215b7a873400b85137f6e42cd7999dd12b00b71;p=thirdparty%2Fopenvpn.git

Fix --tls-version-max in mbed TLS builds

These define renames were missed in the migration to 2.x, causing the
maximum TLS version to be detected incorrectly.

[DS: mbedTLS mapps supported SSL/TLS protocol version in the library
     through these macros.  TLSv1.1 = 3.2, TLSv1.2 = 3.3, etc ]

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <1478289824-9244-1-git-send-email-steffan@karger.me>
URL: http://www.mail-archive.com/search?l=mid&q=1478289824-9244-1-git-send-email-steffan@karger.me
Signed-off-by: David Sommerseth <davids@openvpn.net>
---

diff --git a/src/openvpn/ssl_mbedtls.c b/src/openvpn/ssl_mbedtls.c
index 8a761a45a..a6c90b1f1 100644
--- a/src/openvpn/ssl_mbedtls.c
+++ b/src/openvpn/ssl_mbedtls.c
@@ -723,9 +723,9 @@ void tls_ctx_personalise_random(struct tls_root_ctx *ctx)
 int
 tls_version_max(void)
 {
-#if defined(SSL_MAJOR_VERSION_3) && defined(SSL_MINOR_VERSION_3)
+#if defined(MBEDTLS_SSL_MAJOR_VERSION_3) && defined(MBEDTLS_SSL_MINOR_VERSION_3)
   return TLS_VER_1_2;
-#elif defined(SSL_MAJOR_VERSION_3) && defined(SSL_MINOR_VERSION_2)
+#elif defined(MBEDTLS_SSL_MAJOR_VERSION_3) && defined(MBEDTLS_SSL_MINOR_VERSION_2)
   return TLS_VER_1_1;
 #else
   return TLS_VER_1_0;