Commit 4409c49604 for asterisk.org

commit 4409c4960435b6867b25fb074e2d809135ff80b8
Author: Bernd Kuhls <bernd@kuhls.net>
Date:   Sat May 2 14:08:41 2026 +0200

    tcptls.c: fix build with OpenSSL 4

    tcptls.c: In function '__ssl_setup':
    tcptls.c:417:52: error: implicit declaration of function 'SSLv3_client_method';
     did you mean 'SSLv23_client_method'? [-Wimplicit-function-declaration]
      417 |                         cfg->ssl_ctx = SSL_CTX_new(SSLv3_client_method());

    SSLv3_client_method was removed from OpenSSL 4.0.0:
    https://github.com/openssl/openssl/blob/openssl-4.0.0/doc/man7/ossl-removed-api.pod?plain=1#L440

    Signed-off-by: Bernd Kuhls <bernd@kuhls.net>

    Resolves: #1952

diff --git a/main/tcptls.c b/main/tcptls.c
index 2a3ae258fa..99546e5834 100644
--- a/main/tcptls.c
+++ b/main/tcptls.c
@@ -411,7 +411,7 @@ static int __ssl_setup(struct ast_tls_config *cfg, int client,
 			cfg->ssl_ctx = SSL_CTX_new(SSLv2_client_method());
 		} else
 #endif
-#if !defined(OPENSSL_NO_SSL3_METHOD) && !(defined(OPENSSL_API_COMPAT) && (OPENSSL_API_COMPAT >= 0x10100000L))
+#if !defined(OPENSSL_NO_SSL3_METHOD) && !(defined(OPENSSL_API_COMPAT) && (OPENSSL_API_COMPAT >= 0x10100000L)) && (OPENSSL_VERSION_NUMBER < 0x40000000L)
 		if (ast_test_flag(&cfg->flags, AST_SSL_SSLV3_CLIENT)) {
 			ast_log(LOG_WARNING, "Usage of SSLv3 is discouraged due to known vulnerabilities. Please use 'tlsv1' or leave the TLS method unspecified!\n");
 			cfg->ssl_ctx = SSL_CTX_new(SSLv3_client_method());