From 00081a2b1f5d806193bf14319799959cc51fc24a Mon Sep 17 00:00:00 2001
From: Andy Green <andy@warmcat.com>
Date: Thu, 6 Apr 2017 08:32:03 +0800
Subject: [PATCH] ssl: OpenSSL v1.1 deprecated TLSv1_2_client_method

---
 CMakeLists.txt   |  4 ++++
 lib/ssl-client.c | 11 ++++++++++-
 lws_config.h.in  |  6 ++++++
 3 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index b33f5dc..abc5052 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -474,6 +474,10 @@ CHECK_FUNCTION_EXISTS(_snprintf LWS_HAVE__SNPRINTF)
 CHECK_FUNCTION_EXISTS(_vsnprintf LWS_HAVE__VSNPRINTF)
 CHECK_FUNCTION_EXISTS(getloadavg LWS_HAVE_GETLOADAVG)
 
+CHECK_FUNCTION_EXISTS(TLS_client_method LWS_HAVE_TLS_CLIENT_METHOD)
+CHECK_FUNCTION_EXISTS(TLSv1_2_client_method LWS_HAVE_TLSV1_2_CLIENT_METHOD)
+
+
 if (NOT LWS_HAVE_GETIFADDRS)
 	if (LWS_WITHOUT_BUILTIN_GETIFADDRS)
 		message(FATAL_ERROR "No getifaddrs was found on the system. Turn off the LWS_WITHOUT_BUILTIN_GETIFADDRS compile option to use the supplied BSD version.")
diff --git a/lib/ssl-client.c b/lib/ssl-client.c
index 53be68f..89fc57e 100644
--- a/lib/ssl-client.c
+++ b/lib/ssl-client.c
@@ -426,7 +426,7 @@ lws_ssl_client_connect2(struct lws *wsi)
 int lws_context_init_client_ssl(struct lws_context_creation_info *info,
 				struct lws_vhost *vhost)
 {
-	SSL_METHOD *method;
+	SSL_METHOD *method = NULL;
 	struct lws wsi;
 	unsigned long error;
 #if !defined(LWS_WITH_ESP32)
@@ -468,7 +468,16 @@ int lws_context_init_client_ssl(struct lws_context_creation_info *info,
 
 	/* basic openssl init already happened in context init */
 
+
+	/* choose the most recent spin of the api */
+#if defined(LWS_HAVE_TLS_CLIENT_METHOD)
+	method = (SSL_METHOD *)TLS_client_method();
+#if defined(LWS_HAVE_TLSV1_2_CLIENT_METHOD)
 	method = (SSL_METHOD *)TLSv1_2_client_method();
+#else
+	method = (SSL_METHOD *)SSLv23_client_method();
+#endif
+#endif
 	if (!method) {
 		error = ERR_get_error();
 		lwsl_err("problem creating ssl method %lu: %s\n",
diff --git a/lws_config.h.in b/lws_config.h.in
index 6c30be8..d83211b 100644
--- a/lws_config.h.in
+++ b/lws_config.h.in
@@ -132,4 +132,10 @@
 #cmakedefine LWS_AVOID_SIGPIPE_IGN
 
 #cmakedefine LWS_FALLBACK_GETHOSTBYNAME
+
+/* OpenSSL various APIs */
+
+#cmakedefine LWS_HAVE_TLS_CLIENT_METHOD
+#cmakedefine LWS_HAVE_TLSV1_2_CLIENT_METHOD
+
 ${LWS_SIZEOFPTR_CODE}
-- 
2.7.4