Lines 17-24
Link Here
|
17 |
#include <openssl/tls1.h> |
17 |
#include <openssl/tls1.h> |
18 |
#include <openssl/x509v3.h> |
18 |
#include <openssl/x509v3.h> |
19 |
#ifndef OPENSSL_IS_BORINGSSL |
19 |
#ifndef OPENSSL_IS_BORINGSSL |
20 |
#include <openssl/dtls1.h> |
|
|
21 |
#include <openssl/ssl.h> |
20 |
#include <openssl/ssl.h> |
|
|
21 |
#ifdef LIBRESSL_VERSION_NUMBER |
22 |
#include <openssl/ssl3.h> |
23 |
#endif |
24 |
#include <openssl/dtls1.h> |
22 |
#endif |
25 |
#endif |
23 |
|
26 |
|
24 |
#include <memory> |
27 |
#include <memory> |
Lines 392-399
SSLProtocolVersion OpenSSLStreamAdapter::GetSslVersion() const {
Link Here
|
392 |
if (ssl_mode_ == SSL_MODE_DTLS) { |
395 |
if (ssl_mode_ == SSL_MODE_DTLS) { |
393 |
if (ssl_version == DTLS1_VERSION) { |
396 |
if (ssl_version == DTLS1_VERSION) { |
394 |
return SSL_PROTOCOL_DTLS_10; |
397 |
return SSL_PROTOCOL_DTLS_10; |
|
|
398 |
#ifndef LIBRESSL_VERSION_NUMBER |
395 |
} else if (ssl_version == DTLS1_2_VERSION) { |
399 |
} else if (ssl_version == DTLS1_2_VERSION) { |
396 |
return SSL_PROTOCOL_DTLS_12; |
400 |
return SSL_PROTOCOL_DTLS_12; |
|
|
401 |
#endif |
397 |
} |
402 |
} |
398 |
} else { |
403 |
} else { |
399 |
if (ssl_version == TLS1_VERSION) { |
404 |
if (ssl_version == TLS1_VERSION) { |
Lines 985-999
SSL_CTX* OpenSSLStreamAdapter::SetupSSLContext() {
Link Here
|
985 |
case SSL_PROTOCOL_TLS_12: |
990 |
case SSL_PROTOCOL_TLS_12: |
986 |
default: |
991 |
default: |
987 |
SSL_CTX_set_max_proto_version( |
992 |
SSL_CTX_set_max_proto_version( |
|
|
993 |
#ifdef LIBRESSL_VERSION_NUMBER |
994 |
ctx, TLS1_2_VERSION); |
995 |
#else |
988 |
ctx, ssl_mode_ == SSL_MODE_DTLS ? DTLS1_2_VERSION : TLS1_2_VERSION); |
996 |
ctx, ssl_mode_ == SSL_MODE_DTLS ? DTLS1_2_VERSION : TLS1_2_VERSION); |
|
|
997 |
#endif |
989 |
break; |
998 |
break; |
990 |
} |
999 |
} |
991 |
} else { |
1000 |
} else { |
992 |
// TODO(https://bugs.webrtc.org/10261): Make this the default in M84. |
1001 |
// TODO(https://bugs.webrtc.org/10261): Make this the default in M84. |
993 |
SSL_CTX_set_min_proto_version( |
1002 |
SSL_CTX_set_min_proto_version( |
|
|
1003 |
#ifdef LIBRESSL_VERSION_NUMBER |
1004 |
ctx, TLS1_2_VERSION); |
1005 |
#else |
994 |
ctx, ssl_mode_ == SSL_MODE_DTLS ? DTLS1_2_VERSION : TLS1_2_VERSION); |
1006 |
ctx, ssl_mode_ == SSL_MODE_DTLS ? DTLS1_2_VERSION : TLS1_2_VERSION); |
|
|
1007 |
#endif |
995 |
SSL_CTX_set_max_proto_version( |
1008 |
SSL_CTX_set_max_proto_version( |
|
|
1009 |
#ifdef LIBRESSL_VERSION_NUMBER |
1010 |
ctx, TLS1_2_VERSION); |
1011 |
#else |
996 |
ctx, ssl_mode_ == SSL_MODE_DTLS ? DTLS1_2_VERSION : TLS1_2_VERSION); |
1012 |
ctx, ssl_mode_ == SSL_MODE_DTLS ? DTLS1_2_VERSION : TLS1_2_VERSION); |
|
|
1013 |
#endif |
997 |
} |
1014 |
} |
998 |
|
1015 |
|
999 |
#ifdef OPENSSL_IS_BORINGSSL |
1016 |
#ifdef OPENSSL_IS_BORINGSSL |