summaryrefslogtreecommitdiffstats
path: root/rpc
diff options
context:
space:
mode:
Diffstat (limited to 'rpc')
-rw-r--r--rpc/rpc-transport/socket/src/socket.c16
-rw-r--r--rpc/rpc-transport/socket/src/socket.h4
2 files changed, 12 insertions, 8 deletions
diff --git a/rpc/rpc-transport/socket/src/socket.c b/rpc/rpc-transport/socket/src/socket.c
index bcc73016382..c5ab22f9941 100644
--- a/rpc/rpc-transport/socket/src/socket.c
+++ b/rpc/rpc-transport/socket/src/socket.c
@@ -3996,8 +3996,12 @@ socket_init (rpc_transport_t *this)
SSL_CTX_set_options(priv->ssl_ctx, SSL_OP_NO_SSLv2);
SSL_CTX_set_options(priv->ssl_ctx, SSL_OP_NO_SSLv3);
+#ifdef SSL_OP_NO_TICKET
SSL_CTX_set_options(priv->ssl_ctx, SSL_OP_NO_TICKET);
+#endif
+#ifdef SSL_OP_NO_COMPRESSION
SSL_CTX_set_options(priv->ssl_ctx, SSL_OP_NO_COMPRESSION);
+#endif
if ((bio = BIO_new_file(dh_param, "r")) == NULL) {
gf_log(this->name,GF_LOG_ERROR,
@@ -4006,7 +4010,7 @@ socket_init (rpc_transport_t *this)
}
if (bio != NULL) {
-#ifdef ERR_R_DH_LIB
+#ifdef HAVE_OPENSSL_DH_H
DH *dh;
unsigned long err;
@@ -4024,15 +4028,15 @@ socket_init (rpc_transport_t *this)
"DH ciphers are disabled.",
dh_param, ERR_error_string(err, NULL));
}
-#else /* ERR_R_DH_LIB */
+#else /* HAVE_OPENSSL_DH_H */
BIO_free(bio);
gf_log(this->name, GF_LOG_ERROR,
"OpenSSL has no DH support");
-#endif /* ERR_R_DH_LIB */
+#endif /* HAVE_OPENSSL_DH_H */
}
if (ec_curve != NULL) {
-#ifdef ERR_R_ECDH_LIB
+#ifdef HAVE_OPENSSL_ECDH_H
EC_KEY *ecdh = NULL;
int nid;
unsigned long err;
@@ -4053,10 +4057,10 @@ socket_init (rpc_transport_t *this)
"ECDH ciphers are disabled.",
ec_curve, ERR_error_string(err, NULL));
}
-#else /* ERR_R_ECDH_LIB */
+#else /* HAVE_OPENSSL_ECDH_H */
gf_log(this->name, GF_LOG_ERROR,
"OpenSSL has no ECDH support");
-#endif /* ERR_R_ECDH_LIB */
+#endif /* HAVE_OPENSSL_ECDH_H */
}
/* This must be done after DH and ECDH setups */
diff --git a/rpc/rpc-transport/socket/src/socket.h b/rpc/rpc-transport/socket/src/socket.h
index 238c1457e4d..c4d27e21947 100644
--- a/rpc/rpc-transport/socket/src/socket.h
+++ b/rpc/rpc-transport/socket/src/socket.h
@@ -14,10 +14,10 @@
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/x509v3.h>
-#ifdef ERR_R_DH_LIB
+#ifdef HAVE_OPENSSL_DH_H
#include <openssl/dh.h>
#endif
-#ifdef ERR_R_ECDH_LIB
+#ifdef HAVE_OPENSSL_ECDH_H
#include <openssl/objects.h>
#include <openssl/ecdh.h>
#endif