<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=windows-1252">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix"><tt>On 18/09/2015 18:05, zosrothko
wrote:</tt><tt><br>
</tt></div>
<blockquote class=" cite" id="mid_55FC3656_9080506_orange_fr"
cite="mid:55FC3656.9080506@orange.fr" type="cite"><tt>Hi
</tt><tt><br>
</tt>
<tt><br>
</tt><tt>is there a way to know the supported TLS protocols from
the OPENSSL_VERSION_NUMBER (specifically, the TLSv1_1 and
TLSv1_2?
</tt><tt><br>
</tt>
<tt><br>
</tt><tt>For exemple, I have a code that is using
TLSv1_1_client_method & TLSv1_1_server_method for a
OPENSSL_VERSION_NUMBER = 0x1000201fL, but I need to protect
those TLSv1_1 and TLSv1_2 entry points references when my code
is ported toward a previous version of OpenSSL that does not
support those TLS versions as the 1.0.0k version .
</tt><tt><br>
</tt>
<tt><br>
</tt><tt>Since there is no OPEN_SSL_NO_TLSv1_1 constant nor
OPEN_SSL_NO_TLSv1_2 constant in the ssl.h(1.0.0k), I would like
to use the OPENSSL_VERSION_NUMBER to protect the references.
</tt><tt><br>
</tt>
<tt><br>
</tt></blockquote>
<tt>The numeric value of OPENSSL_VERSION_NUMBER maps directly <br>
to the textual version number ("1.0.0k"), a look in the <br>
official changelogs for each branch (0.9.8, 1.0.0, 1.0.1, <br>
1.0.2, 1.1.0 etc.) to see at which comparison limits any given <br>
feature was installed.</tt><tt><br>
</tt><tt><br>
</tt><tt>Or, since you are using the version number of the header <br>
files, not the version of the runtime shared library, you <br>
can simply use ifdef tests for relevant defines existing, <br>
e.g.</tt><tt><br>
</tt><tt><br>
</tt><tt>#if defined(SSL_OP_NO_TLSv1_1) && !defined(</tt><tt>OPENSSL_NO_TLS1)<br>
/* </tt><tt>SSL_OP_NO_TLSv1_1 is defined in ssl.h if the library
version <br>
* supports TLSv1.1 .<br>
*<br>
* OPENSSL_NO_TLS1 is defined in opensslconf.h or on the <br>
* compiler command line if TLS1.x was removed at OpenSSL <br>
* library build time via Configure options.<br>
*/<br>
</tt><tt>/* Code that requires headers from a TLSv1.1 capable
OpenSSL <br>
* goes here.<br>
*/</tt><tt><br>
</tt><tt>#endif</tt><tt><br>
</tt><tt><br>
</tt>
<pre class="moz-signature" cols="72">Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. <a class="moz-txt-link-freetext" href="http://www.wisemo.com">http://www.wisemo.com</a>
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded </pre>
</body>
</html>