From 191efd6485989de64713d0644368c2f58d984f5e Mon Sep 17 00:00:00 2001
From: S-P Chan <shihping.chan@gmail.com>
Date: Sun, 25 Feb 2024 20:42:14 +0800
Subject: [PATCH] tls: fix OpenSSL 1.1.1 compatibility

---
 src/modules/tls/tls_mod.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index 136f0e2deb2..550a1bcc2b5 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -688,6 +688,14 @@ int mod_register(char *path, int *dlflags, void *p1, void *p2)
          * GH #3695: OpenSSL 1.1.1 historical note: it is no longer
          * needed to replace RAND with cryptorand
          */
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L \
+		&& OPENSSL_VERSION_NUMBER < 0x030000000L
+	if(ksr_tls_threads_mode == 0) {
+		LM_WARN("OpenSSL 1.1.1 setting cryptorand random engine\n");
+		RAND_set_rand_method(RAND_ksr_cryptorand_method());
+	}
+#endif
+
 	sr_kemi_modules_add(sr_kemi_tls_exports);
 
 	return 0;