Description: Not all OpenSSL-s support obsolete SSLv2
Author: Tzafrir cohen <tzafrir.cohen@xorcom.com>
Bug: https://issues.asterisk.org/view.php?id=19095

SSLv2 is an old and insecure variant of the SSL/TLS standard. OpenSSL
provides a build-time option not to support it. It has been disabled in
e.g. Debian Unstable now.

There's really no good reason to use SSLv2, so if the local implementation
does not support it, let's respect its decision and not fail the build.

--- a/main/tcptls.c
+++ b/main/tcptls.c
@@ -297,9 +297,12 @@ static int __ssl_setup(struct ast_tls_co
 	SSLeay_add_ssl_algorithms();
 
 	if (client) {
+#ifndef OPENSSL_NO_SSL2
 		if (ast_test_flag(&cfg->flags, AST_SSL_SSLV2_CLIENT)) {
 			cfg->ssl_ctx = SSL_CTX_new(SSLv2_client_method());
-		} else if (ast_test_flag(&cfg->flags, AST_SSL_SSLV3_CLIENT)) {
+		} else
+#endif
+		if (ast_test_flag(&cfg->flags, AST_SSL_SSLV3_CLIENT)) {
 			cfg->ssl_ctx = SSL_CTX_new(SSLv3_client_method());
 		} else if (ast_test_flag(&cfg->flags, AST_SSL_TLSV1_CLIENT)) {
 			cfg->ssl_ctx = SSL_CTX_new(TLSv1_client_method());
