From 60e4274ff758af0d68ba585e7286a5cddb7c4778 Mon Sep 17 00:00:00 2001
From: Omair Majid <omajid@redhat.com>
Date: Thu, 10 Jan 2019 18:37:24 -0500
Subject: [PATCH 5/7] Prefer OpenSSL 1.0.x for portable builds
Future releases of .NET Core prefer OpenSSL 1.1.x. For the sake of
compatiblity, 2.x releases should prefer 1.0.x.
---
.../opensslshim.cpp | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/src/Native/Unix/System.Security.Cryptography.Native/opensslshim.cpp b/src/Native/Unix/System.Security.Cryptography.Native/opensslshim.cpp
index 585f7ac23f..c98869a94e 100644
--- a/src/Native/Unix/System.Security.Cryptography.Native/opensslshim.cpp
+++ b/src/Native/Unix/System.Security.Cryptography.Native/opensslshim.cpp
@@ -47,12 +47,6 @@ bool OpenLibrary()
libssl = dlopen(soName, RTLD_LAZY);
}
- if (libssl == nullptr)
- {
- // Prefer OpenSSL 1.1.x
- libssl = dlopen("libssl.so.1.1", RTLD_LAZY);
- }
-
if (libssl == nullptr)
{
// Debian 9 has dropped support for SSLv3 and so they have bumped their soname. Let's try it
@@ -73,6 +67,11 @@ bool OpenLibrary()
libssl = dlopen("libssl.so.10", RTLD_LAZY);
}
+ if (libssl == nullptr)
+ {
+ libssl = dlopen("libssl.so.1.1", RTLD_LAZY);
+ }
+
return libssl != nullptr;
}
--
2.20.1