These checks are probably the result of copying a
check from the LibreSSL and modifying it to be
a OpenSSL check. For some arcane reason LibreSSL decided
that its version number should be a long float (double) rather
than an integer.
Signed-off-by: Arne Schwabe <a...@rfc2549.org>
---
src/openvpn/ssl_openssl.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c
index 21651a3e..bcdfb543 100644
--- a/src/openvpn/ssl_openssl.c
+++ b/src/openvpn/ssl_openssl.c
@@ -231,7 +231,7 @@ tls_version_max(void)
* We only need to check this for OpenSSL versions that can be
* upgraded to 1.1.1 without recompile (>= 1.1.0)
*/
- if (OpenSSL_version_num() >= 0x1010100fL)
+ if (OpenSSL_version_num() >= 0x1010100L)
{
return TLS_VER_1_3;
}
@@ -2104,7 +2104,7 @@ show_available_tls_ciphers_list(const char *cipher_list,
crypto_msg(M_FATAL, "Cannot create SSL object");
}
-#if (OPENSSL_VERSION_NUMBER < 0x1010000fL) \
+#if (OPENSSL_VERSION_NUMBER < 0x1010000L) \
|| (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER <=
0x2090000fL)
STACK_OF(SSL_CIPHER) *sk = SSL_get_ciphers(ssl);
#else
@@ -2134,7 +2134,7 @@ show_available_tls_ciphers_list(const char *cipher_list,
printf("%s\n", pair->iana_name);
}
}
-#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL)
+#if (OPENSSL_VERSION_NUMBER >= 0x1010000L)
sk_SSL_CIPHER_free(sk);
#endif
SSL_free(ssl);
--
2.25.0
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
