diff options
| author | Eduardo Chappa <chappa@washington.edu> | 2019-05-23 11:48:27 -0600 |
|---|---|---|
| committer | Eduardo Chappa <chappa@washington.edu> | 2019-05-23 11:48:27 -0600 |
| commit | 09a4760e6cbbda5c22c9935cfbfaadbae380056e (patch) | |
| tree | e7e38b0fbb6df05fb59ca833972fce37dd04032e | |
| parent | 74c603fbc6397e08b4914f535fcbc2361096bcf5 (diff) | |
| download | alpine-09a4760e6cbbda5c22c9935cfbfaadbae380056e.tar.xz | |
* Code to limit versions of the encryption protocol uses old calls,
and not the new calls.
| -rw-r--r-- | imap/src/osdep/unix/ssl_unix.c | 16 | ||||
| -rw-r--r-- | pith/pine.hlp | 2 |
2 files changed, 5 insertions, 13 deletions
diff --git a/imap/src/osdep/unix/ssl_unix.c b/imap/src/osdep/unix/ssl_unix.c index 21bf55e..2362cc0 100644 --- a/imap/src/osdep/unix/ssl_unix.c +++ b/imap/src/osdep/unix/ssl_unix.c @@ -333,6 +333,7 @@ static char *ssl_start_work (SSLSTREAM *stream,char *host,unsigned long flags) X509 *cert; unsigned long sl,tl; int min, max; + int masklow, maskhigh; char *s,*t,*err,tmp[MAILTMPLEN], buf[256]; sslcertificatequery_t scq = (sslcertificatequery_t) mail_parameters (NIL,GET_SSLCERTIFICATEQUERY,NIL); @@ -345,18 +346,9 @@ static char *ssl_start_work (SSLSTREAM *stream,char *host,unsigned long flags) if (!(stream->context = SSL_CTX_new (ssl_connect_mthd(flags, &min, &max)))) return "SSL context failed"; SSL_CTX_set_options (stream->context,0); -#ifdef OPENSSL_1_1_0 - if(stream->context != NIL && - ((min != 0 && SSL_CTX_set_min_proto_version(stream->context, min) == 0) || - (max != 0 && SSL_CTX_set_max_proto_version(stream->context, max) == 0))) - return "SSL set protocol version Failed"; -#else - { int masklow, maskhigh; - masklow = ssl_disable_mask(min, -1); - maskhigh = ssl_disable_mask(max, 1); - SSL_CTX_set_options(stream->context, masklow|maskhigh); - } -#endif /* OPENSSL_1_1_0 */ + masklow = ssl_disable_mask(min, -1); + maskhigh = ssl_disable_mask(max, 1); + SSL_CTX_set_options(stream->context, masklow|maskhigh); /* disable certificate validation? */ if (flags & NET_NOVALIDATECERT) SSL_CTX_set_verify (stream->context,SSL_VERIFY_NONE,NIL); diff --git a/pith/pine.hlp b/pith/pine.hlp index ae72270..791ab59 100644 --- a/pith/pine.hlp +++ b/pith/pine.hlp @@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any reasonable place to be called from. Dummy change to get revision in pine.hlp ============= h_revision ================= -Alpine Commit 339 2019-05-08 16:04:25 +Alpine Commit 340 2019-05-23 11:39:32 ============= h_news ================= <HTML> <HEAD> |