From b323bccd8125e9fa4ff28330da1a3adf206b8d32 Mon Sep 17 00:00:00 2001 From: Leorize Date: Thu, 4 Jun 2020 10:50:28 -0500 Subject: [PATCH] wrappers/openssl: enable SSL_CTX_set_ecdh_auto for LibreSSL This procedure is not no-op for older LibreSSL, and the ABI is kept for newer versions, so there's no harm in enabling it unconditionally for all LibreSSL versions. --- lib/wrappers/openssl.nim | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/wrappers/openssl.nim b/lib/wrappers/openssl.nim index 8a80a554c7..82fcb21946 100644 --- a/lib/wrappers/openssl.nim +++ b/lib/wrappers/openssl.nim @@ -609,7 +609,7 @@ proc SSL_CTX_set_ecdh_auto*(ctx: SslCtx, onoff: cint): cint {.inline.} = ## Set automatic curve selection. ## ## On OpenSSL >= 1.1.0 this is on by default and cannot be disabled. - if getOpenSSLVersion() < 0x010100000: + if getOpenSSLVersion() < 0x010100000 or getOpenSSLVersion() == 0x020000000: result = cint SSL_CTX_ctrl(ctx, SSL_CTRL_SET_ECDH_AUTO, onoff, nil) else: result = 1