diff --git a/doc/api/cli.md b/doc/api/cli.md

index fdc1d790f1..619a9b11c4 100644

--- a/doc/api/cli.md

+++ b/doc/api/cli.md

@@ -670,14 +670,6 @@ added: v12.0.0

 Set [`tls.DEFAULT_MAX_VERSION`][] to 'TLSv1.2'. Use to disable support for

 TLSv1.3.

-### `--tls-max-v1.3`

-

-added: v12.0.0

--->

-

-Set default [`tls.DEFAULT_MAX_VERSION`][] to 'TLSv1.3'. Use to enable support

-for TLSv1.3.

-

 ### `--tls-min-v1.0`

 added: v12.0.0

@@ -703,14 +695,6 @@ Set default [`tls.DEFAULT_MIN_VERSION`][] to 'TLSv1.2'. This is the default for

 12.x and later, but the option is supported for compatibility with older Node.js

 versions.

-### `--tls-min-v1.3`

-

-added: v12.0.0

--->

-

-Set default [`tls.DEFAULT_MIN_VERSION`][] to 'TLSv1.3'. Use to disable support

-for TLSv1.2, which is not as secure as TLSv1.3.

-

 ### `--trace-deprecation`

 added: v0.8.0

@@ -1042,11 +1026,9 @@ Node.js options that are allowed are:

 - `--title`

 - `--tls-cipher-list`

 - `--tls-max-v1.2`

-- `--tls-max-v1.3`

 - `--tls-min-v1.0`

 - `--tls-min-v1.1`

 - `--tls-min-v1.2`

-- `--tls-min-v1.3`

 - `--trace-deprecation`

 - `--trace-event-categories`

 - `--trace-event-file-pattern`

diff --git a/lib/_tls_common.js b/lib/_tls_common.js

index efe9040956..a88bbdc7fd 100644

--- a/lib/_tls_common.js

+++ b/lib/_tls_common.js

@@ -49,7 +49,7 @@ function toV(which, v, def) {

   if (v === 'TLSv1') return TLS1_VERSION;

   if (v === 'TLSv1.1') return TLS1_1_VERSION;

   if (v === 'TLSv1.2') return TLS1_2_VERSION;

-  if (v === 'TLSv1.3') return TLS1_3_VERSION;

+  if (v === 'TLSv1.3' && TLS1_3_VERSION) return TLS1_3_VERSION;

   throw new ERR_TLS_INVALID_PROTOCOL_VERSION(v, which);

 }

diff --git a/lib/internal/crypto/keygen.js b/lib/internal/crypto/keygen.js

index 0a4bde77fa..33e88e2065 100644

--- a/lib/internal/crypto/keygen.js

+++ b/lib/internal/crypto/keygen.js

@@ -9,10 +9,10 @@ const {

   generateKeyPairDSA,

   generateKeyPairEC,

   generateKeyPairNid,

-  EVP_PKEY_ED25519,

-  EVP_PKEY_ED448,

-  EVP_PKEY_X25519,

-  EVP_PKEY_X448,

+  //EVP_PKEY_ED25519,

+  //EVP_PKEY_ED448,

+  //EVP_PKEY_X25519,

+  //EVP_PKEY_X448,

   OPENSSL_EC_NAMED_CURVE,

   OPENSSL_EC_EXPLICIT_CURVE

 } = internalBinding('crypto');

diff --git a/lib/tls.js b/lib/tls.js

index 2ac43c01d3..429ccfd214 100644

--- a/lib/tls.js

+++ b/lib/tls.js

@@ -62,17 +62,10 @@ else if (getOptionValue('--tls-min-v1.1'))

   exports.DEFAULT_MIN_VERSION = 'TLSv1.1';

 else if (getOptionValue('--tls-min-v1.2'))

   exports.DEFAULT_MIN_VERSION = 'TLSv1.2';

-else if (getOptionValue('--tls-min-v1.3'))

-  exports.DEFAULT_MIN_VERSION = 'TLSv1.3';

 else

   exports.DEFAULT_MIN_VERSION = 'TLSv1.2';

-if (getOptionValue('--tls-max-v1.3'))

-  exports.DEFAULT_MAX_VERSION = 'TLSv1.3';

-else if (getOptionValue('--tls-max-v1.2'))

-  exports.DEFAULT_MAX_VERSION = 'TLSv1.2';

-else

-  exports.DEFAULT_MAX_VERSION = 'TLSv1.3'; // Will depend on node version.

+exports.DEFAULT_MAX_VERSION = 'TLSv1.2'; // Will depend on node version.

 exports.getCiphers = internalUtil.cachedResult(

diff --git a/src/node_constants.cc b/src/node_constants.cc

index 7c9e4ce276..df349e69d6 100644

--- a/src/node_constants.cc

+++ b/src/node_constants.cc

@@ -956,8 +956,12 @@ void DefineCryptoConstants(Local<Object> target) {

     NODE_DEFINE_CONSTANT(target, ENGINE_METHOD_RAND);

 # endif

-# ifdef ENGINE_METHOD_EC

-    NODE_DEFINE_CONSTANT(target, ENGINE_METHOD_EC);

+# ifdef ENGINE_METHOD_ECDH

+    NODE_DEFINE_CONSTANT(target, ENGINE_METHOD_ECDH);

+# endif

+

+# ifdef ENGINE_METHOD_ECDSA

+    NODE_DEFINE_CONSTANT(target, ENGINE_METHOD_ECDSA);

 # endif

 # ifdef ENGINE_METHOD_CIPHERS

@@ -968,6 +972,10 @@ void DefineCryptoConstants(Local<Object> target) {

     NODE_DEFINE_CONSTANT(target, ENGINE_METHOD_DIGESTS);

 # endif

+# ifdef ENGINE_METHOD_STORE

+    NODE_DEFINE_CONSTANT(target, ENGINE_METHOD_STORE);

+# endif

+

 # ifdef ENGINE_METHOD_PKEY_METHS

     NODE_DEFINE_CONSTANT(target, ENGINE_METHOD_PKEY_METHS);

 # endif

diff --git a/src/node_crypto.cc b/src/node_crypto.cc

index e32cdac70c..2af7d03e78 100644

--- a/src/node_crypto.cc

+++ b/src/node_crypto.cc

@@ -55,6 +55,7 @@

 #include <cstring>

 #include <algorithm>

+#include <atomic>

 #include <memory>

 #include <utility>

 #include <vector>

@@ -128,6 +129,230 @@ struct OpenSSLBufferDeleter {

 };

 using OpenSSLBuffer = std::unique_ptr<char[], OpenSSLBufferDeleter>;

+#if OPENSSL_VERSION_NUMBER < 0x10100000L

+static void RSA_get0_key(const RSA* r, const BIGNUM** n, const BIGNUM** e,

+                         const BIGNUM** d) {

+  if (n != nullptr) {

+    *n = r->n;

+  }

+  if (e != nullptr) {

+    *e = r->e;

+  }

+  if (d != nullptr) {

+    *d = r->d;

+  }

+}

+

+static void DH_get0_pqg(const DH* dh, const BIGNUM** p, const BIGNUM** q,

+                        const BIGNUM** g) {

+  if (p != nullptr) {

+    *p = dh->p;

+  }

+  if (q != nullptr) {

+    *q = dh->q;

+  }

+  if (g != nullptr) {

+    *g = dh->g;

+  }

+}

+

+static int DH_set0_pqg(DH* dh, BIGNUM* p, BIGNUM* q, BIGNUM* g) {

+  if ((dh->p == nullptr && p == nullptr) ||

+      (dh->g == nullptr && g == nullptr)) {

+    return 0;

+  }

+

+  if (p != nullptr) {

+    BN_free(dh->p);

+    dh->p = p;

+  }

+  if (q != nullptr) {

+    BN_free(dh->q);

+    dh->q = q;

+  }

+  if (g != nullptr) {

+    BN_free(dh->g);

+    dh->g = g;

+  }

+

+  return 1;

+}

+

+static void DH_get0_key(const DH* dh, const BIGNUM** pub_key,

+                        const BIGNUM** priv_key) {

+  if (pub_key != nullptr) {

+    *pub_key = dh->pub_key;

+  }

+  if (priv_key != nullptr) {

+    *priv_key = dh->priv_key;

+  }

+}

+

+static int DH_set0_key(DH* dh, BIGNUM* pub_key, BIGNUM* priv_key) {

+  if (pub_key != nullptr) {

+    BN_free(dh->pub_key);

+    dh->pub_key = pub_key;

+  }

+  if (priv_key != nullptr) {

+    BN_free(dh->priv_key);

+    dh->priv_key = priv_key;

+  }

+

+  return 1;

+}

+

+static int EC_GROUP_order_bits(const EC_GROUP *group) {

+  int num_bits = 0;

+  BIGNUM *order = BN_new();

+  BN_CTX *ctx = BN_CTX_new();

+  if (order == nullptr || ctx == nullptr) { goto end; }

+

+  if (EC_GROUP_get_order(group, order, ctx) != 1) { goto end; }

+  num_bits = BN_num_bits(order);

+

+end:

+  BN_CTX_free(ctx), ctx = nullptr;

+  BN_free(order), order = nullptr;

+

+  return num_bits;

+}

+

+static int EVP_PKEY_up_ref(EVP_PKEY *pkey) {

+  int refcount = std::atomic_fetch_add_explicit(

+    reinterpret_cast<std::atomic<int>*>(&pkey->references),

+    1,

+    std::memory_order_relaxed

+  ) + 1;

+  return (refcount > 1) ? 1 : 0;

+}

+static unsigned long EVP_MD_meth_get_flags(const EVP_MD *md) {

+  return md->flags;

+}

+static int EVP_DigestSign(

+  EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen,

+  const unsigned char *tbs, size_t tbslen)

+{

+  if (sigret != nullptr && EVP_DigestSignUpdate(ctx, tbs, tbslen) <= 0) {

+    return 0;

+  }

+  return EVP_DigestSignFinal(ctx, sigret, siglen);

+}

+static int EVP_DigestVerify(

+  EVP_MD_CTX *ctx, const unsigned char *sigret,

+  size_t siglen, const unsigned char *tbs, size_t tbslen)

+{

+  if (EVP_DigestVerifyUpdate(ctx, tbs, tbslen) <= 0) {

+    return -1;

+  }

+  return EVP_DigestVerifyFinal(ctx, sigret, siglen);

+}

+

+static const SSL_METHOD* TLS_method() { return SSLv23_method(); }

+

+static void SSL_SESSION_get0_ticket(const SSL_SESSION* s,

+                                    const unsigned char** tick, size_t* len) {

+  *len = s->tlsext_ticklen;

+  if (tick != nullptr) {

+    *tick = s->tlsext_tick;

+  }

+}

+

+#define SSL_get_tlsext_status_type(ssl) (ssl->tlsext_status_type)

+

+static int X509_STORE_up_ref(X509_STORE* store) {

+  CRYPTO_add(&store->references, 1, CRYPTO_LOCK_X509_STORE);

+  return 1;

+}

+

+static int X509_up_ref(X509* cert) {

+  CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);

+  return 1;

+}

+

+HMAC_CTX* HMAC_CTX_new() {

+  HMAC_CTX* ctx = Malloc<HMAC_CTX>(1);

+  HMAC_CTX_init(ctx);

+  return ctx;

+}

+

+// Disable all TLS version lower than the version argument

+int SSL_CTX_set_min_proto_version(SSL_CTX *ctx, int version) {

+    switch (version) {

+        case TLS1_2_VERSION:

+            SSL_CTX_set_options(ctx, SSL_OP_NO_TLSv1_1);

+            [[fallthrough]];

+

+        case TLS1_1_VERSION:

+            SSL_CTX_set_options(ctx, SSL_OP_NO_TLSv1);

+            [[fallthrough]];

+

+        case TLS1_VERSION:

+            SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2);

+            return 1;

+

+        default:

+            return 0;  // unsupported

+    }

+}

+// Extract minimum supported version. Should be inverse of the setter above.

+int SSL_CTX_get_min_proto_version(SSL_CTX *ctx) {

+  static const auto full_mask = SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1;

+

+  auto opts = SSL_CTX_get_options(ctx);

+

+  switch (opts & full_mask) {

+    case SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1:

+      return TLS1_2_VERSION;

+

+    case SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1:

+      return TLS1_1_VERSION;

+

+    case SSL_OP_NO_SSLv3:

+      return TLS1_VERSION;

+

+    default:

+      return 0;

+  }

+}

+

+// Disable all TLS version higher than the version argument

+int SSL_CTX_set_max_proto_version(SSL_CTX *ctx, int version) {

+    switch (version) {

+        case TLS1_VERSION:

+            SSL_CTX_set_options(ctx, SSL_OP_NO_TLSv1_1);

+            [[fallthrough]];

+

+        case TLS1_1_VERSION:

+            SSL_CTX_set_options(ctx, SSL_OP_NO_TLSv1_2);

+            [[fallthrough]];

+

+        case TLS1_2_VERSION:

+            return 1;

+

+        default:

+            return 0;  // unsupported

+    }

+}

+// Extract maximum supported version. Should be inverse of the setter above.

+int SSL_CTX_get_max_proto_version(SSL_CTX *ctx) {

+  static const auto full_mask = SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2;

+

+  auto opts = SSL_CTX_get_options(ctx);

+  switch (opts & full_mask) {

+    case SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2:

+      return TLS1_VERSION;

+

+    case SSL_OP_NO_TLSv1_2:

+      return TLS1_1_VERSION;

+

+    default:

+      return 0;

+  }

+}

+

+#endif  // OPENSSL_VERSION_NUMBER < 0x10100000L

+

+

 static const char* const root_certs[] = {

 #include "node_root_certs.h"  // NOLINT(build/include_order)

 };

@@ -144,11 +369,19 @@ template void SSLWrap<TLSWrap>::AddMethods(Environment* env,

 template void SSLWrap<TLSWrap>::ConfigureSecureContext(SecureContext* sc);

 template void SSLWrap<TLSWrap>::SetSNIContext(SecureContext* sc);

 template int SSLWrap<TLSWrap>::SetCACerts(SecureContext* sc);

+#if OPENSSL_VERSION_NUMBER < 0x10100000L

+template SSL_SESSION* SSLWrap<TLSWrap>::GetSessionCallback(

+    SSL* s,

+    unsigned char* key,

+    int len,

+    int* copy);

+#else

 template SSL_SESSION* SSLWrap<TLSWrap>::GetSessionCallback(

     SSL* s,

     const unsigned char* key,

     int len,

     int* copy);

+#endif

 template int SSLWrap<TLSWrap>::NewSessionCallback(SSL* s,

                                                   SSL_SESSION* sess);

 template void SSLWrap<TLSWrap>::KeylogCallback(const SSL* s,

@@ -168,6 +401,35 @@ template int SSLWrap<TLSWrap>::SelectALPNCallback(

     unsigned int inlen,

     void* arg);

+

+#if OPENSSL_VERSION_NUMBER < 0x10100000L

+static Mutex* mutexes;

+

+static void crypto_threadid_cb(CRYPTO_THREADID* tid) {

+  static_assert(sizeof(uv_thread_t) <= sizeof(void*),

+                "uv_thread_t does not fit in a pointer");

+  CRYPTO_THREADID_set_pointer(tid, reinterpret_cast<void*>(uv_thread_self()));

+}

+

+

+static void crypto_lock_init(void) {

+  mutexes = new Mutex[CRYPTO_num_locks()];

+}

+

+

+static void crypto_lock_cb(int mode, int n, const char* file, int line) {

+  CHECK(!(mode & CRYPTO_LOCK) ^ !(mode & CRYPTO_UNLOCK));

+  CHECK(!(mode & CRYPTO_READ) ^ !(mode & CRYPTO_WRITE));

+

+  auto mutex = &mutexes[n];

+  if (mode & CRYPTO_LOCK)

+    mutex->Lock();

+  else

+    mutex->Unlock();

+}

+#endif

+

+

 static int PasswordCallback(char* buf, int size, int rwflag, void* u) {

   const char* passphrase = static_cast<char*>(u);

   if (passphrase != nullptr) {

@@ -299,15 +561,10 @@ Maybe<bool> Decorate(Environment* env, Local<Object> obj,

     V(COMP)                                                                   \

     V(ECDSA)                                                                  \

     V(ECDH)                                                                   \

-    V(OSSL_STORE)                                                             \

     V(FIPS)                                                                   \

     V(CMS)                                                                    \

     V(TS)                                                                     \

     V(HMAC)                                                                   \

-    V(CT)                                                                     \

-    V(ASYNC)                                                                  \

-    V(KDF)                                                                    \

-    V(SM2)                                                                    \

     V(USER)                                                                   \

 #define V(name) case ERR_LIB_##name: lib = #name "_"; break;

@@ -533,9 +790,13 @@ void SecureContext::New(const FunctionCallbackInfo<Value>& args) {

   new SecureContext(env, args.This());

 }

+#if OPENSSL_VERSION_NUMBER >= 0x10100000L

 // A maxVersion of 0 means "any", but OpenSSL may support TLS versions that

 // Node.js doesn't, so pin the max to what we do support.

 const int MAX_SUPPORTED_VERSION = TLS1_3_VERSION;

+#else

+const int MAX_SUPPORTED_VERSION = TLS1_2_VERSION;

+#endif

 void SecureContext::Init(const FunctionCallbackInfo<Value>& args) {

   SecureContext* sc;

@@ -548,7 +809,7 @@ void SecureContext::Init(const FunctionCallbackInfo<Value>& args) {

   int min_version = args[1].As<Int32>()->Value();

   int max_version = args[2].As<Int32>()->Value();

-  const SSL_METHOD* method = TLS_method();

+  const SSL_METHOD* method = SSLv23_method();

   if (max_version == 0)

     max_version = MAX_SUPPORTED_VERSION;

@@ -582,54 +843,57 @@ void SecureContext::Init(const FunctionCallbackInfo<Value>& args) {

       max_version = TLS1_2_VERSION;

     } else if (strcmp(*sslmethod, "SSLv23_server_method") == 0) {

       max_version = TLS1_2_VERSION;

-      method = TLS_server_method();

+      method = SSLv23_server_method();

     } else if (strcmp(*sslmethod, "SSLv23_client_method") == 0) {

       max_version = TLS1_2_VERSION;

-      method = TLS_client_method();

+      method = SSLv23_client_method();

     } else if (strcmp(*sslmethod, "TLS_method") == 0) {

       min_version = 0;

       max_version = MAX_SUPPORTED_VERSION;

     } else if (strcmp(*sslmethod, "TLS_server_method") == 0) {

       min_version = 0;

       max_version = MAX_SUPPORTED_VERSION;

-      method = TLS_server_method();

+      method = SSLv23_server_method();

     } else if (strcmp(*sslmethod, "TLS_client_method") == 0) {

       min_version = 0;

       max_version = MAX_SUPPORTED_VERSION;

-      method = TLS_client_method();

+      method = SSLv23_client_method();

     } else if (strcmp(*sslmethod, "TLSv1_method") == 0) {

       min_version = TLS1_VERSION;

       max_version = TLS1_VERSION;

+      method = TLSv1_method();

     } else if (strcmp(*sslmethod, "TLSv1_server_method") == 0) {

       min_version = TLS1_VERSION;

       max_version = TLS1_VERSION;

-      method = TLS_server_method();

+      method = TLSv1_server_method();

     } else if (strcmp(*sslmethod, "TLSv1_client_method") == 0) {

       min_version = TLS1_VERSION;

       max_version = TLS1_VERSION;

-      method = TLS_client_method();

+      method = TLSv1_client_method();

     } else if (strcmp(*sslmethod, "TLSv1_1_method") == 0) {

       min_version = TLS1_1_VERSION;

       max_version = TLS1_1_VERSION;

+      method = TLSv1_1_method();

     } else if (strcmp(*sslmethod, "TLSv1_1_server_method") == 0) {

       min_version = TLS1_1_VERSION;

       max_version = TLS1_1_VERSION;

-      method = TLS_server_method();

+      method = TLSv1_1_server_method();

     } else if (strcmp(*sslmethod, "TLSv1_1_client_method") == 0) {

       min_version = TLS1_1_VERSION;

       max_version = TLS1_1_VERSION;

-      method = TLS_client_method();

+      method = TLSv1_1_client_method();

     } else if (strcmp(*sslmethod, "TLSv1_2_method") == 0) {

       min_version = TLS1_2_VERSION;

       max_version = TLS1_2_VERSION;

+      method = TLSv1_2_method();

     } else if (strcmp(*sslmethod, "TLSv1_2_server_method") == 0) {

       min_version = TLS1_2_VERSION;

       max_version = TLS1_2_VERSION;

-      method = TLS_server_method();

+      method = TLSv1_2_server_method();

     } else if (strcmp(*sslmethod, "TLSv1_2_client_method") == 0) {

       min_version = TLS1_2_VERSION;

       max_version = TLS1_2_VERSION;

-      method = TLS_client_method();

+      method = TLSv1_2_client_method();

     } else {

       const std::string msg("Unknown method: ");

       THROW_ERR_TLS_INVALID_PROTOCOL_METHOD(env, (msg + * sslmethod).c_str());

@@ -659,9 +923,16 @@ void SecureContext::Init(const FunctionCallbackInfo<Value>& args) {

                                  SSL_SESS_CACHE_NO_INTERNAL |

                                  SSL_SESS_CACHE_NO_AUTO_CLEAR);

+#if OPENSSL_VERSION_NUMBER < 0x10100000L

+  if (max_version == 0) {

+    // Selecting some secureProtocol methods allows the TLS version to be "any

+    // supported", but we don't support TLSv1.3, even if OpenSSL does.

+    max_version = TLS1_2_VERSION;

+  }

+#endif

   SSL_CTX_set_min_proto_version(sc->ctx_.get(), min_version);

   SSL_CTX_set_max_proto_version(sc->ctx_.get(), max_version);

-

+#if OPENSSL_VERSION_NUMBER >= 0x10100000L

   // OpenSSL 1.1.0 changed the ticket key size, but the OpenSSL 1.0.x size was

   // exposed in the public API. To retain compatibility, install a callback

   // which restores the old algorithm.

@@ -671,6 +942,7 @@ void SecureContext::Init(const FunctionCallbackInfo<Value>& args) {

     return env->ThrowError("Error generating ticket keys");

   }

   SSL_CTX_set_tlsext_ticket_key_cb(sc->ctx_.get(), TicketCompatibilityCallback);

+#endif

 }

@@ -1131,6 +1403,7 @@ void SecureContext::SetCiphers(const FunctionCallbackInfo<Value>& args) {

   CHECK_EQ(args.Length(), 1);

   CHECK(args[0]->IsString());

+#if OPENSSL_VERSION_NUMBER >= 0x10100000L

   const node::Utf8Value ciphers(args.GetIsolate(), args[0]);

   if (!SSL_CTX_set_cipher_list(sc->ctx_.get(), *ciphers)) {

     unsigned long err = ERR_get_error();  // NOLINT(runtime/int)

@@ -1146,6 +1419,32 @@ void SecureContext::SetCiphers(const FunctionCallbackInfo<Value>& args) {

       // that's actually an error.

       return;

     }

+#else

+  // Note: set_ciphersuites() is for TLSv1.3 and was introduced in openssl

+  // 1.1.1, set_cipher_list() is for TLSv1.2 and earlier.

+  //

+  // In openssl 1.1.0, set_cipher_list() would error if it resulted in no

+  // TLSv1.2 (and earlier) cipher suites, and there is no TLSv1.3 support.

+  //

+  // In openssl 1.1.1, set_cipher_list() will not error if it results in no

+  // TLSv1.2 cipher suites if there are any TLSv1.3 cipher suites, which there

+  // are by default. There will be an error later, during the handshake, but

+  // that results in an async error event, rather than a sync error thrown,

+  // which is a semver-major change for the tls API.

+  //

+  // Since we don't currently support TLSv1.3, work around this by removing the

+  // TLSv1.3 cipher suites, so we get backwards compatible synchronous errors.

+  const node::Utf8Value ciphers(args.GetIsolate(), args[0]);

+  if (

+#if defined(TLS1_3_VERSION) && !defined(OPENSSL_IS_BORINGSSL)

+      !SSL_CTX_set_ciphersuites(sc->ctx_.get(), "") ||

+#endif

+      !SSL_CTX_set_cipher_list(sc->ctx_.get(), *ciphers)) {

+    unsigned long err = ERR_get_error();  // NOLINT(runtime/int)

+    if (!err) {

+      return env->ThrowError("Failed to set ciphers");

+    }

+#endif

     return ThrowCryptoError(env, err);

   }

 }

@@ -1163,6 +1462,11 @@ void SecureContext::SetECDHCurve(const FunctionCallbackInfo<Value>& args) {

   node::Utf8Value curve(env->isolate(), args[0]);

+#if OPENSSL_VERSION_NUMBER < 0x10100000L

+  SSL_CTX_set_options(sc->ctx_.get(), SSL_OP_SINGLE_ECDH_USE);

+  SSL_CTX_set_ecdh_auto(sc->ctx_.get(), 1);

+#endif

+

   if (strcmp(*curve, "auto") == 0)

     return;

@@ -1468,9 +1772,17 @@ void SecureContext::GetTicketKeys(const FunctionCallbackInfo<Value>& args) {

   ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());

   Local<Object> buff = Buffer::New(wrap->env(), 48).ToLocalChecked();

+#if OPENSSL_VERSION_NUMBER >= 0x10100000L

   memcpy(Buffer::Data(buff), wrap->ticket_key_name_, 16);

   memcpy(Buffer::Data(buff) + 16, wrap->ticket_key_hmac_, 16);

   memcpy(Buffer::Data(buff) + 32, wrap->ticket_key_aes_, 16);

+#else

+  if (SSL_CTX_set_tlsext_ticket_keys(wrap->ctx_.get(),

+                                     Buffer::Data(buff),

+                                     Buffer::Length(buff)) != 1) {

+    return wrap->env()->ThrowError("Failed to fetch tls ticket keys");

+  }

+#endif

   args.GetReturnValue().Set(buff);

 #endif  // !def(OPENSSL_NO_TLSEXT) && def(SSL_CTX_get_tlsext_ticket_keys)

@@ -1506,6 +1818,14 @@ void SecureContext::SetTicketKeys(const FunctionCallbackInfo<Value>& args) {

 void SecureContext::SetFreeListLength(const FunctionCallbackInfo<Value>& args) {

+#if OPENSSL_VERSION_NUMBER < 0x10100000L

+  // |freelist_max_len| was removed in OpenSSL 1.1.0. In that version OpenSSL

+  // mallocs and frees buffers directly, without the use of a freelist.

+  SecureContext* wrap;

+  ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());

+

+  wrap->ctx_->freelist_max_len = args[0].As<Int32>()->Value();

+#endif

 }

@@ -1608,6 +1928,7 @@ int SecureContext::TicketKeyCallback(SSL* ssl,

 }

+#if OPENSSL_VERSION_NUMBER >= 0x10100000L

 int SecureContext::TicketCompatibilityCallback(SSL* ssl,

                                                unsigned char* name,

                                                unsigned char* iv,

@@ -1642,6 +1963,7 @@ int SecureContext::TicketCompatibilityCallback(SSL* ssl,

   }

   return 1;

 }

+#endif

 void SecureContext::CtxGetter(const FunctionCallbackInfo<Value>& info) {

@@ -1719,11 +2041,19 @@ void SSLWrap<Base>::ConfigureSecureContext(SecureContext* sc) {

 }

+#if OPENSSL_VERSION_NUMBER < 0x10100000L

+template <class Base>

+SSL_SESSION* SSLWrap<Base>::GetSessionCallback(SSL* s,

+                                               unsigned char* key,

+                                               int len,

+                                               int* copy) {

+#else

 template <class Base>

 SSL_SESSION* SSLWrap<Base>::GetSessionCallback(SSL* s,

                                                const unsigned char* key,

                                                int len,

                                                int* copy) {

+#endif

   Base* w = static_cast<Base*>(SSL_get_app_data(s));

   *copy = 0;

@@ -2488,6 +2818,7 @@ void SSLWrap<Base>::GetEphemeralKeyInfo(

             .Check();

         break;

       case EVP_PKEY_EC:

+#if OPENSSL_VERSION_NUMBER >= 0x10100000L

       case EVP_PKEY_X25519:

       case EVP_PKEY_X448:

         {

@@ -2510,6 +2841,21 @@ void SSLWrap<Base>::GetEphemeralKeyInfo(

                                  EVP_PKEY_bits(key.get()))).Check();

         }

         break;

+#else

+        {

+          EC_KEY* ec = EVP_PKEY_get1_EC_KEY(key.get());

+          int nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));

+          EC_KEY_free(ec);

+          info->Set(context, env->type_string(),

+                    FIXED_ONE_BYTE_STRING(env->isolate(), "ECDH")).Check();

+          info->Set(context, env->name_string(),

+                    OneByteString(args.GetIsolate(),

+                                  OBJ_nid2sn(nid))).Check();

+          info->Set(context, env->size_string(),

+                    Integer::New(env->isolate(),

+                                  EVP_PKEY_bits(key.get()))).Check();

+         }

+#endif

       default:

         break;

     }

@@ -3735,12 +4081,15 @@ Local<Value> KeyObject::GetAsymmetricKeyType() const {

   switch (EVP_PKEY_id(this->asymmetric_key_.get())) {

   case EVP_PKEY_RSA:

     return env()->crypto_rsa_string();

+#if OPENSSL_VERSION_NUMBER >= 0x10100000L