From 8215b7a873400b85137f6e42cd7999dd12b00b71 Mon Sep 17 00:00:00 2001
From: Steffan Karger <steffan@karger.me>
Date: Fri, 4 Nov 2016 21:03:44 +0100
Subject: [PATCH] Fix --tls-version-max in mbed TLS builds

These define renames were missed in the migration to 2.x, causing the
maximum TLS version to be detected incorrectly.

[DS: mbedTLS mapps supported SSL/TLS protocol version in the library
     through these macros.  TLSv1.1 = 3.2, TLSv1.2 = 3.3, etc ]

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <1478289824-9244-1-git-send-email-steffan@karger.me>
URL: http://www.mail-archive.com/search?l=mid&q=1478289824-9244-1-git-send-email-steffan@karger.me
Signed-off-by: David Sommerseth <davids@openvpn.net>
---
 src/openvpn/ssl_mbedtls.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/openvpn/ssl_mbedtls.c b/src/openvpn/ssl_mbedtls.c
index 8a761a45a..a6c90b1f1 100644
--- a/src/openvpn/ssl_mbedtls.c
+++ b/src/openvpn/ssl_mbedtls.c
@@ -723,9 +723,9 @@ void tls_ctx_personalise_random(struct tls_root_ctx *ctx)
 int
 tls_version_max(void)
 {
-#if defined(SSL_MAJOR_VERSION_3) && defined(SSL_MINOR_VERSION_3)
+#if defined(MBEDTLS_SSL_MAJOR_VERSION_3) && defined(MBEDTLS_SSL_MINOR_VERSION_3)
   return TLS_VER_1_2;
-#elif defined(SSL_MAJOR_VERSION_3) && defined(SSL_MINOR_VERSION_2)
+#elif defined(MBEDTLS_SSL_MAJOR_VERSION_3) && defined(MBEDTLS_SSL_MINOR_VERSION_2)
   return TLS_VER_1_1;
 #else
   return TLS_VER_1_0;
-- 
2.47.2