Index: generic/gen_dh_params ================================================================== --- generic/gen_dh_params +++ generic/gen_dh_params @@ -12,11 +12,16 @@ ;; esac done openssl_dhparam1() { - if openssl dhparam -C "$@" | sed \ + dir='' + if [ -n "${OPENSSL}" ]; then + dir="${OPENSSL}/" + fi + + if ${dir}openssl dhparam -C "$@" | sed \ -e 's/^\(static \)*DH \*get_dh[0-9]*/static DH *get_dhParams/' \ -e '/^-----BEGIN DH PARAMETERS-----$/,/^-----END DH PARAMETERS-----$/ d;/^#/ d' then return 0 fi @@ -24,21 +29,31 @@ return 1 } # OpenSSL 3.0 openssl-dhparam has no "-C" option, so we emulate it here openssl_dhparam3() { + dir='' + if [ -n "${OPENSSL}" ]; then + dir="${OPENSSL}/" + fi + cat << \_EOF_ #include #include static DH *get_dhParams(void) { static unsigned char dhp[] = { _EOF_ - openssl dhparam -text "$@" | \ + if ${dir}openssl dhparam -text "$@" | \ sed -E -e '/^---/,/^---/d' \ -e '/(DH|prime|generator|P|G|recommended)/d' \ -e 's/([0-9a-h]{2})(:|$$)/0x\1, /g' + then + break + else + return 1 + fi cat << \_EOF_ }; static unsigned char dhg[] = { 0x02, @@ -277,18 +292,11 @@ } dhp_bn = BN_bin2bn(dhp, sizeof (dhp), NULL); dhg_bn = BN_bin2bn(dhg, sizeof (dhg), NULL); -#ifdef TCLTLS_OPENSSL_PRE_1_1_API - dh->p = dhp_bn; - dh->g = dhg_bn; - - if (dhp_bn == NULL || dhg_bn == NULL) { -#else if (dhp_bn == NULL || dhg_bn == NULL || !DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) { -#endif DH_free(dh); BN_free(dhp_bn); BN_free(dhg_bn); return(NULL); }
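Review bot: `${dir}openssl` is expanded unquoted in the new `if ${dir}openssl dhparam -C "$@" | sed \` line, so an `OPENSSL` directory containing whitespace or glob characters is word-split and the intended binary is not the one that runs; the same form is added to openssl_dhparam3 in the next hunk. Quote the command word: `if "${dir}openssl" dhparam -C "$@" | sed \`. Because `OPENSSL` decides which binary generates the DH parameters, a comment such as `# OPENSSL: directory holding the openssl binary to use; empty means search PATH` above the block would document that trust decision. The four-line prefix computation is duplicated in both functions and could live in one helper. openssl_dhparam1 ends outside this hunk.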
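Review bot: The new `if ... | sed ...; then` test in openssl_dhparam3 checks the exit status of `sed`, the last command of the pipeline, so a failing `openssl dhparam -text` still takes the `then` branch unless pipefail is enabled somewhere outside the hunk, and the function would go on to emit a C array with no prime bytes. Run openssl first and check it directly, e.g. `dhtext="$("${dir}openssl" dhparam -text "$@")" || return 1`, then pipe `printf '%s\n' "$dhtext"` into the existing sed. The `break` in the `then` branch has no enclosing loop in the visible function, which POSIX leaves unspecified; `:` or an inverted test that only does `return 1` is safer. The `if ... | sed` form in openssl_dhparam1 (previous hunk) has the same status problem. The function body continues past the hunk, and the C header heredoc is already written before the failure return, so callers presumably need to discard partial output on a non-zero status.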