From 1636e472021b0bb673183ce9f0c84f86d26c08cd Mon Sep 17 00:00:00 2001
From: "Roger A. Light" <roger@atchoo.org>
Date: Wed, 2 Dec 2020 22:39:48 +0000
Subject: [PATCH] libressl does not support SSL_CTX_set_ciphersuites.

---
 src/conf.c | 4 ++--
 src/net.c  | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/conf.c b/src/conf.c
index 32735ea9..d6918d30 100644
--- a/src/conf.c
+++ b/src/conf.c
@@ -1180,11 +1180,11 @@ int config__read_file_core(struct mosquitto__config *config, bool reload, struct
 					log__printf(NULL, MOSQ_LOG_WARNING, "Warning: TLS support not available.");
 #endif
 				}else if(!strcmp(token, "ciphers_tls1.3")){
-#ifdef WITH_TLS
+#if defined(WITH_TLS) && !defined(LIBRESSL_VERSION_NUMBER)
 					if(reload) continue; /* Listeners not valid for reloading. */
 					if(conf__parse_string(&token, "ciphers_tls1.3", &cur_listener->ciphers_tls13, saveptr)) return MOSQ_ERR_INVAL;
 #else
-					log__printf(NULL, MOSQ_LOG_WARNING, "Warning: TLS support not available.");
+					log__printf(NULL, MOSQ_LOG_WARNING, "Warning: ciphers_tls1.3 support not available.");
 #endif
 				}else if(!strcmp(token, "clientid") || !strcmp(token, "remote_clientid")){
 #ifdef WITH_BRIDGE
diff --git a/src/net.c b/src/net.c
index 4c913adf..b4cfdcb7 100644
--- a/src/net.c
+++ b/src/net.c
@@ -394,7 +394,7 @@ int net__tls_server_ctx(struct mosquitto__listener *listener)
 			return MOSQ_ERR_TLS;
 		}
 	}
-#if OPENSSL_VERSION_NUMBER >= 0x10101000
+#if OPENSSL_VERSION_NUMBER >= 0x10101000 && !defined(LIBRESSL_VERSION_NUMBER)
 	if(listener->ciphers_tls13){
 		rc = SSL_CTX_set_ciphersuites(listener->ssl_ctx, listener->ciphers_tls13);
 		if(rc == 0){