diff options
author | David Sommerseth | 2017-04-11 19:31:33 +0200 |
---|---|---|
committer | David Sommerseth | 2017-04-11 23:42:02 +0200 |
commit | 039a89c331e9b7998d8047ec72144097f7c5826a (patch) | |
tree | 03277695237233cf538c954ccdc97f80885e57db /src/openvpn/ssl_openssl.h | |
parent | 7a1b6a0dd706a81897457b0456a951c0b30bbcfb (diff) | |
download | openvpn-039a89c331e9b7998d8047ec72144097f7c5826a.zip openvpn-039a89c331e9b7998d8047ec72144097f7c5826a.tar.gz |
Require minimum OpenSSL 1.0.1
As RHEL 5 has reached EOL, we no longer need to support OpenSSL v0.9.8.
This also makes it possible to remove a few workaronds which was
needed earlier, as well as some left overs from v0.9.6.
This also makes ./configure really stop running unless a new enough
OpenSSL library is found.
Compile tested on RHEL7.3 and RHEL6.7 (mock chroot build), both shipping
openssl-1.0.1e.
Signed-off-by: David Sommerseth <davids@openvpn.net>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <20170411173133.18060-1-davids@openvpn.net>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg14441.html
Signed-off-by: David Sommerseth <davids@openvpn.net>
Diffstat (limited to 'src/openvpn/ssl_openssl.h')
-rw-r--r-- | src/openvpn/ssl_openssl.h | 11 |
1 files changed, 0 insertions, 11 deletions
diff --git a/src/openvpn/ssl_openssl.h b/src/openvpn/ssl_openssl.h index 6ca4cb6..60a1f5e 100644 --- a/src/openvpn/ssl_openssl.h +++ b/src/openvpn/ssl_openssl.h @@ -33,17 +33,6 @@ #include <openssl/ssl.h> /** - * SSL_OP_NO_TICKET tells OpenSSL to disable "stateless session resumption", - * as this is something we do not want nor need, but could potentially be - * used for a future attack. For compatibility reasons we keep building if the - * OpenSSL version is too old (pre-0.9.8f) to support stateless session - * resumption (and the accompanying SSL_OP_NO_TICKET flag). - */ -#ifndef SSL_OP_NO_TICKET -#define SSL_OP_NO_TICKET 0 -#endif - -/** * Structure that wraps the TLS context. Contents differ depending on the * SSL library used. */ |