Enable DANE only for OpenSSL 1.1.0 or higher

src/config.c

@@ -74,6 +74,13 @@ LSEC_API int luaopen_ssl_config(lua_State *L)
   lua_pushboolean(L, 1);
   lua_rawset(L, -3);
 
+#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL)
+  // DANE
+  lua_pushstring(L, "dane");
+  lua_pushboolean(L, 1);
+  lua_rawset(L, -3);
+#endif
+
 #ifndef OPENSSL_NO_EC
   lua_pushstring(L, "curves_list");
   lua_pushboolean(L, 1);

src/context.c

@@ -703,7 +703,7 @@ static int set_alpn_cb(lua_State *L)
   return 1;
 }
 
-
+#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL)
 /*
  * DANE
  */
@@ -714,6 +714,7 @@ static int set_dane(lua_State *L)
   lua_pushboolean(L, ret);
   return 1;
 }
+#endif
 
 /**
  * Package functions
@@ -733,14 +734,13 @@ static luaL_Reg funcs[] = {
   {"setverify",       set_verify},
   {"setoptions",      set_options},
   {"setmode",         set_mode},
-
 #if !defined(OPENSSL_NO_EC)
   {"setcurve",        set_curve},
   {"setcurveslist",   set_curves_list},
 #endif
-
+#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL)
   {"setdane",         set_dane},
-
+#endif
   {NULL, NULL}
 };
 

src/ssl.c

@@ -826,6 +826,7 @@ static int meth_copyright(lua_State *L)
   return 1;
 }
 
+#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL)
 static int meth_dane(lua_State *L)
 {
   p_ssl ssl = (p_ssl)luaL_checkudata(L, 1, "SSL:Connection");
@@ -849,7 +850,7 @@ static int meth_tlsa(lua_State *L)
 
   return 1;
 }
-
+#endif
 
 /*---------------------------------------------------------------------------*/
 
@@ -875,8 +876,10 @@ static luaL_Reg methods[] = {
   {"settimeout",          meth_settimeout},
   {"sni",                 meth_sni},
   {"want",                meth_want},
+#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL)
   {"setdane",             meth_dane},
   {"settlsa",             meth_tlsa},
+#endif
   {NULL,                  NULL}
 };
 

src/ssl.lua

@@ -201,7 +201,7 @@ local function newcontext(cfg)
       if not succ then return nil, msg end
    end
 
-   if cfg.dane then
+   if config.capabilities.dane and cfg.dane then
       context.setdane(ctx)
    end