From caf28ad2ce4700688728faeb5b3910e71fcea2c3 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@remirepo.net>
Date: Tue, 21 Jul 2020 08:38:03 +0200
Subject: update to 2.15.3 open https://github.com/datastax/cpp-driver/pull/479
   fix for openssl 1.0.2 on EL-7

---
 479.patch | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 479.patch

(limited to '479.patch')

diff --git a/479.patch b/479.patch
new file mode 100644
index 0000000..ddc11b1
--- /dev/null
+++ b/479.patch
@@ -0,0 +1,24 @@
+From 464bdd6b70409a62ee47ff6c9d0ca09d3f90ed76 Mon Sep 17 00:00:00 2001
+From: Remi Collet <remi@remirepo.net>
+Date: Tue, 21 Jul 2020 08:33:48 +0200
+Subject: [PATCH] SSL_CTX_set_max_proto_version requires openssl 1.1
+
+---
+ src/ssl/ssl_openssl_impl.cpp | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/ssl/ssl_openssl_impl.cpp b/src/ssl/ssl_openssl_impl.cpp
+index 29d26ef51..3b1124378 100644
+--- a/src/ssl/ssl_openssl_impl.cpp
++++ b/src/ssl/ssl_openssl_impl.cpp
+@@ -539,8 +539,10 @@ OpenSslContext::OpenSslContext()
+     , trusted_store_(X509_STORE_new()) {
+   SSL_CTX_set_cert_store(ssl_ctx_, trusted_store_);
+   SSL_CTX_set_verify(ssl_ctx_, SSL_VERIFY_NONE, ssl_no_verify_callback);
++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
+   // Limit to TLS 1.2 for now. TLS 1.3 has broken the handshake code.
+   SSL_CTX_set_max_proto_version(ssl_ctx_, TLS1_2_VERSION);
++#endif
+ #if DEBUG_SSL
+   SSL_CTX_set_info_callback(ssl_ctx_, ssl_info_callback);
+ #endif
-- 
cgit