From 2e0e6f26031f5377845a0d41da41f5ee962d5ac6 Mon Sep 17 00:00:00 2001
From: Linus Nordberg <linus@nordberg.se>
Date: Tue, 14 Nov 2017 15:53:57 +0100
Subject: Use DTLS_method() for new SSL context if it exists.

From radsecproxy commit 69027c1.
---
 radsecproxy/tlscommon.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/radsecproxy/tlscommon.c b/radsecproxy/tlscommon.c
index 97b5914..9a2310b 100644
--- a/radsecproxy/tlscommon.c
+++ b/radsecproxy/tlscommon.c
@@ -214,10 +214,15 @@ static SSL_CTX *tlscreatectx(uint8_t type, struct tls *conf) {
 #endif  /* RADPROT_TLS */
 #ifdef RADPROT_DTLS
     case RAD_DTLS:
+#if OPENSSL_VERSION_NUMBER >= 0x10002000
+        /* DTLS_method() seems to have been introduced in OpenSSL 1.0.2. */
+	ctx = SSL_CTX_new(DTLS_method());
+#else
 	ctx = SSL_CTX_new(DTLSv1_method());
+#endif
 	SSL_CTX_set_read_ahead(ctx, 1);
 	break;
-#endif
+#endif  /* RADPROT_DTLS */
     }
     if (!ctx) {
 	debug(DBG_ERR, "tlscreatectx: Error initialising SSL/TLS in TLS context %s", conf->name);
-- 
cgit v1.1