@@ -, +, @@ 
- Various initialization functions, also used to check for openssl in
  configure, are deprecated. Added OpenSSL_version_num as fallback in
  configure.
- Use get and set functions for opaque structures
---
 configure.in             | 5 +++++
 src/network/ssl/socket.c | 8 ++++++++
 src/network/ssl/ssl.c    | 3 +++
 3 files changed, 16 insertions(+)
--- a/configure.in	
+++ a/configure.in	
@@ -1006,6 +1006,9 @@ else
 			if test "$cf_result" != yes; then
 				AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <openssl/ssl.h>]], [[SSLeay_add_ssl_algorithms()]])],[cf_result=yes],[cf_result=no])
 			fi
+			if test "$cf_result" != yes; then
+				AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <openssl/crypto.h>]], [[OpenSSL_version_num()]])],[cf_result=yes],[cf_result=no])
+			fi
 		fi
 	done
 
@@ -1020,6 +1023,8 @@ else
 
 		CFLAGS="$CFLAGS_X"
 		AC_SUBST(OPENSSL_CFLAGS)
+
+		AC_CHECK_FUNCS([SSL_set_options] [SSL_get_SSL_CTX])
 	fi
 fi
 
--- a/src/network/ssl/socket.c	
+++ a/src/network/ssl/socket.c	
@@ -67,7 +67,11 @@ static void
 ssl_set_no_tls(struct socket *socket)
 {
 #ifdef CONFIG_OPENSSL
+#ifdef HAVE_SSL_SET_OPTIONS
+	SSL_set_options((ssl_t *) socket->ssl, SSL_OP_NO_TLSv1);
+#else
 	((ssl_t *) socket->ssl)->options |= SSL_OP_NO_TLSv1;
+#endif /* HAVE_SSL_SET_OPTIONS */
 #elif defined(CONFIG_GNUTLS)
 	{
 		/* GnuTLS does not support SSLv2 because it is "insecure".
@@ -145,7 +149,11 @@ ssl_connect(struct socket *socket)
 		}
 
 		if (client_cert) {
+#ifdef HAVE_SSL_GET_SSL_CTX
+			SSL_CTX *ctx = SSL_get_SSL_CTX(socket->ssl);
+#else
 			SSL_CTX *ctx = ((SSL *) socket->ssl)->ctx;
+#endif /* HAVE_SSL_GET_SSL_CTX */
 
 			SSL_CTX_use_certificate_chain_file(ctx, client_cert);
 			SSL_CTX_use_PrivateKey_file(ctx, client_cert,
--- a/src/network/ssl/ssl.c	
+++ a/src/network/ssl/ssl.c	
@@ -7,6 +7,7 @@ 
 #ifdef CONFIG_OPENSSL
 #include <openssl/ssl.h>
 #include <openssl/rand.h>
+#include <openssl/opensslv.h>
 #elif defined(CONFIG_GNUTLS)
 #include <gnutls/gnutls.h>
 #include <gnutls/x509.h>
@@ -61,7 +62,9 @@ init_openssl(struct module *module)
 	}
 #endif
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	SSLeay_add_ssl_algorithms();
+#endif
 	context = SSL_CTX_new(SSLv23_client_method());
 	SSL_CTX_set_options(context, SSL_OP_ALL);
 	SSL_CTX_set_default_verify_paths(context);
--