From 3b0b03c921945000b2c0f97810061fee58faf77d Mon Sep 17 00:00:00 2001
From: Henning Westerholt <hw@gilawa.com>
Date: Fri, 19 Aug 2022 07:10:45 +0000
Subject: [PATCH] tls: exclude TLSv1.3 from OpenSSL > 1.1.0 < 1.1.1 for Debian
 stretch

---
 src/modules/tls/tls_init.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/modules/tls/tls_init.c b/src/modules/tls/tls_init.c
index 9bbd0acb836..e6d0060d413 100644
--- a/src/modules/tls/tls_init.c
+++ b/src/modules/tls/tls_init.c
@@ -463,6 +463,7 @@ static void init_ssl_methods(void)
 	sr_tls_methods[TLS_USE_TLSv1_2 - 1].TLSMethodMin = TLS1_2_VERSION;
 	sr_tls_methods[TLS_USE_TLSv1_2 - 1].TLSMethodMax = TLS1_2_VERSION;
 
+#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(LIBRESSL_VERSION_NUMBER)
 	sr_tls_methods[TLS_USE_TLSv1_3_cli - 1].TLSMethod = TLS_client_method();
 	sr_tls_methods[TLS_USE_TLSv1_3_cli - 1].TLSMethodMin = TLS1_3_VERSION;
 	sr_tls_methods[TLS_USE_TLSv1_3_cli - 1].TLSMethodMax = TLS1_3_VERSION;
@@ -472,6 +473,7 @@ static void init_ssl_methods(void)
 	sr_tls_methods[TLS_USE_TLSv1_3 - 1].TLSMethod = TLS_method();
 	sr_tls_methods[TLS_USE_TLSv1_3 - 1].TLSMethodMin = TLS1_3_VERSION;
 	sr_tls_methods[TLS_USE_TLSv1_3 - 1].TLSMethodMax = TLS1_3_VERSION;
+#endif
 
 	/* ranges of TLS versions (require a minimum TLS version) */
 	sr_tls_methods[TLS_USE_TLSv1_PLUS - 1].TLSMethod = TLS_method();
@@ -483,8 +485,10 @@ static void init_ssl_methods(void)
 	sr_tls_methods[TLS_USE_TLSv1_2_PLUS - 1].TLSMethod = TLS_method();
 	sr_tls_methods[TLS_USE_TLSv1_2_PLUS - 1].TLSMethodMin = TLS1_2_VERSION;
 
+#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(LIBRESSL_VERSION_NUMBER)
 	sr_tls_methods[TLS_USE_TLSv1_3_PLUS - 1].TLSMethod = TLS_method();
 	sr_tls_methods[TLS_USE_TLSv1_3_PLUS - 1].TLSMethodMin = TLS1_3_VERSION;
+#endif
 
 #endif
 }