I'd like to get rid of OPENSSL_VERSION as much as possible.
what would be better for guarding TLS13 ciphers manipulation ?
approach 1 (macro defined in openssl-compat.h)
#if ((OPENSSL_VERSION_NUMBER >= 0x10101000L) &&
!defined(LIBRESSL_VERSION_NUMBER) && !defined(OPENSSL_IS_BORINGSSL))
#define HAVE_SSL_CTX_SET_CIPHERSUITES
#endif
approach 2 (macro TLS13_NUM_CIPHERS)
#ifdef TLS13_NUM_CIPHERS
conf_ciphersuites = (ssl_conf && ssl_conf->ciphersuites) ?
ssl_conf->ciphersuites : bind_conf->ssl_conf.ciphersuites;
...
#endif
Ilya
