Detect the correct versions of openssl for tls negotiation fix

Since it doesn't seem to hurt, we should use _both_ fixes whenever
we see OpenSSL 0.9.7L .. 0.9.8, or OpenSSL 0.9.8L..

diff --git a/src/common/tortls.c b/src/common/tortls.c
index 33fed4c1cc6c44f24452e5b16ee9396d694faf39..344515b10263f44693ffb2cc886e16cf192f814a 100644 (file)
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -358,13 +358,13 @@ tor_tls_init(void)
     version = SSLeay();
     if (version >= 0x009070c0L && version < 0x00908000L) {
       log_notice(LD_GENERAL, "OpenSSL %s looks like version 0.9.7l or later; "
-                 "I will use SSL3_FLAGS to enable renegotation",
+                 "I will try SSL3_FLAGS and SSL3_OP to enable renegotation",
                  SSLeay_version(SSLEAY_VERSION));
       use_unsafe_renegotiation_flag = 1;
       use_unsafe_renegotiation_op = 1;
-    } else if (version >= 0x009080d0L) {
-      log_notice(LD_GENERAL, "OpenSSL %s looks like version 0.9.8m or later; "
-                 "I will use SSL_OP to enable renegotiation",
+    } else if (version >= 0x009080c0L) {
+      log_notice(LD_GENERAL, "OpenSSL %s looks like version 0.9.8l or later; "
+                 "I will try SSL3_FLAGS and SSL_OP to enable renegotiation",
                  SSLeay_version(SSLEAY_VERSION));
       use_unsafe_renegotiation_flag = 1;
       use_unsafe_renegotiation_op = 1;