Use new TLS method APIs with new LibreSSL

OpenBSD 5.8 includes LibreSSL 2.2.2, which finally brings the API up to
what they claim it is by implementing the new TLS client and server
method APIs. Therefore, in furtherance of commits a4c8c827 and 1a4e224a
we can build with the new APIs if building against (real) OpenSSL 1.1.0
or LibreSSL 2.2.2.

Reported-by: Juuso Lapinlampi <wub@partyvan.eu>

libratbox/src/openssl.c

@@ -35,6 +35,19 @@
 #include <openssl/err.h>
 #include <openssl/evp.h>
 #include <openssl/rand.h>
+#include <openssl/opensslv.h>
+
+/*
+ * This is a mess but what can you do when the library authors
+ * refuse to play ball with established conventions?
+ */
+#if defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER >= 0x20020002L)
+#  define LRB_HAVE_TLS_METHOD_API 1
+#else
+#  if !defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x10100000L)
+#    define LRB_HAVE_TLS_METHOD_API 1
+#  endif
+#endif
 
 static SSL_CTX *ssl_server_ctx;
 static SSL_CTX *ssl_client_ctx;
@@ -307,7 +320,7 @@ rb_init_ssl(void)
 	SSL_library_init();
 	libratbox_index = SSL_get_ex_new_index(0, libratbox_data, NULL, NULL, NULL);
 
-#if defined(LIBRESSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x10100000L)
+#ifndef LRB_HAVE_TLS_METHOD_API
 	ssl_server_ctx = SSL_CTX_new(SSLv23_server_method());
 #else
 	ssl_server_ctx = SSL_CTX_new(TLS_server_method());
@@ -322,7 +335,7 @@ rb_init_ssl(void)
 
 	long server_options = SSL_CTX_get_options(ssl_server_ctx);
 
-#if defined(LIBRESSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x10100000L)
+#ifndef LRB_HAVE_TLS_METHOD_API
 	server_options |= SSL_OP_NO_SSLv2;
 	server_options |= SSL_OP_NO_SSLv3;
 #endif
@@ -356,7 +369,7 @@ rb_init_ssl(void)
 		}
 	#endif
 
-#if defined(LIBRESSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x10100000L)
+#ifndef LRB_HAVE_TLS_METHOD_API
 	ssl_client_ctx = SSL_CTX_new(TLSv1_client_method());
 #else
 	ssl_client_ctx = SSL_CTX_new(TLS_client_method());