diff options
-rw-r--r-- | radsecproxy/Makefile.am | 1 | ||||
-rw-r--r-- | radsecproxy/tlscommon.c | 5 |
2 files changed, 4 insertions, 2 deletions
diff --git a/radsecproxy/Makefile.am b/radsecproxy/Makefile.am index dc5ffc4..872416b 100644 --- a/radsecproxy/Makefile.am +++ b/radsecproxy/Makefile.am @@ -21,3 +21,4 @@ if RS_ENABLE_TLS libradsec_radsecproxy_la_SOURCES += \ tlscommon.c tlscommon.h endif +libradsec_radsecproxy_la_CFLAGS = -Wno-error=deprecated diff --git a/radsecproxy/tlscommon.c b/radsecproxy/tlscommon.c index a31fa32..5a5660b 100644 --- a/radsecproxy/tlscommon.c +++ b/radsecproxy/tlscommon.c @@ -202,12 +202,12 @@ static SSL_CTX *tlscreatectx(uint8_t type, struct tls *conf) { switch (type) { #ifdef RADPROT_TLS case RAD_TLS: - ctx = SSL_CTX_new(TLSv1_method()); + ctx = SSL_CTX_new(TLS_method()); break; #endif #ifdef RADPROT_DTLS case RAD_DTLS: - ctx = SSL_CTX_new(DTLSv1_method()); + ctx = SSL_CTX_new(DTLS_method()); SSL_CTX_set_read_ahead(ctx, 1); break; #endif @@ -218,6 +218,7 @@ static SSL_CTX *tlscreatectx(uint8_t type, struct tls *conf) { debug(DBG_ERR, "SSL: %s", ERR_error_string(error, NULL)); return NULL; } + SSL_CTX_set_options(ctx, SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3); #ifdef DEBUG SSL_CTX_set_info_callback(ctx, ssl_info_callback); #endif |