diff --git a/dnstap/dnstap.c b/dnstap/dnstap.c index 3a690eb1d..756dc0419 100644 --- a/dnstap/dnstap.c +++ b/dnstap/dnstap.c @@ -162,7 +162,7 @@ tls_writer_init(char* ip, char* tls_server_name, char* tls_cert_bundle, free(dtw); return NULL; } - dtw->ctx = SSL_CTX_new(SSLv23_client_method()); + dtw->ctx = SSL_CTX_new(TLS_client_method()); if(!dtw->ctx) { log_msg(LOG_ERR, "dnstap: SSL_CTX_new failed"); free(dtw->ip); diff --git a/nsd-control.c b/nsd-control.c index 5de032620..944d3aaee 100644 --- a/nsd-control.c +++ b/nsd-control.c @@ -186,7 +186,7 @@ setup_ctx(struct nsd_options* cfg) cfg->zonesdir, strerror(errno)); } - ctx = SSL_CTX_new(SSLv23_client_method()); + ctx = SSL_CTX_new(TLS_client_method()); if(!ctx) ssl_err("could not allocate SSL_CTX pointer"); #if SSL_OP_NO_SSLv2 != 0 diff --git a/server.c b/server.c index 756b51ea3..0ce90bdee 100644 --- a/server.c +++ b/server.c @@ -2140,7 +2140,7 @@ server_alpn_cb(SSL* ATTR_UNUSED(s), SSL_CTX* server_tls_ctx_setup(char* key, char* pem, char* verifypem) { - SSL_CTX *ctx = SSL_CTX_new(SSLv23_server_method()); + SSL_CTX *ctx = SSL_CTX_new(TLS_server_method()); if(!ctx) { log_crypto_err("could not SSL_CTX_new"); return NULL;