diff options
| author | Eduardo Chappa <chappa@washington.edu> | 2018-09-29 22:59:37 -0600 |
|---|---|---|
| committer | Eduardo Chappa <chappa@washington.edu> | 2018-09-29 22:59:37 -0600 |
| commit | 924c47dd50a7b74136b8a60e9ea8d347ff65425b (patch) | |
| tree | bcbaaeb98807a7cb12bf16188c66a5ea938d0255 /imap/src/osdep/unix/ssl_unix.c | |
| parent | 879f42fa445aa684ffbab7d404941a9d24a4863a (diff) | |
| download | alpine-924c47dd50a7b74136b8a60e9ea8d347ff65425b.tar.xz | |
* Add the /tls1_3 modifier to establish connections use the TLS protocol
version 1.3.
Diffstat (limited to 'imap/src/osdep/unix/ssl_unix.c')
| -rw-r--r-- | imap/src/osdep/unix/ssl_unix.c | 67 |
1 files changed, 50 insertions, 17 deletions
diff --git a/imap/src/osdep/unix/ssl_unix.c b/imap/src/osdep/unix/ssl_unix.c index 4c4d6ef8..ffd37775 100644 --- a/imap/src/osdep/unix/ssl_unix.c +++ b/imap/src/osdep/unix/ssl_unix.c @@ -36,15 +36,30 @@ #ifdef OPENSSL_1_1_0 #include <rsa.h> #include <bn.h> +#ifdef TLSv1_client_method +#undef TLSv1_client_method +#endif /* TLSv1_client_method */ #ifdef TLSv1_1_client_method #undef TLSv1_1_client_method #endif /* TLSv1_1_client_method */ #ifdef TLSv1_2_client_method #undef TLSv1_2_client_method #endif /* TLSv1_2_client_method */ +#ifdef DTLSv1_client_method +#undef DTLSv1_client_method +#endif /* DTLSv1_client_method */ +#ifdef DTLSv1_2_client_method +#undef DTLSv1_2_client_method +#endif /* DTLSv1_2_client_method */ +#define TLSv1_client_method TLS_client_method #define TLSv1_1_client_method TLS_client_method #define TLSv1_2_client_method TLS_client_method +#define DTLSv1_client_method DTLS_client_method +#define DTLSv1_2_client_method DTLS_client_method #endif /* OPENSSL_1_1_0 */ +#ifndef DTLSv1_2_client_method +#define DTLSv1_2_client_method DTLSv1_client_method +#endif /* DTLSv1_2_client_method */ #undef STRING #undef crypt @@ -186,26 +201,44 @@ SSLSTREAM *ssl_aopen (NETMBX *mb,char *service,char *usrbuf) */ const SSL_METHOD *ssl_connect_mthd(int flag) { -#ifdef OPENSSL_1_1_0 - if(flag & NET_TRYTLS1) - return TLS_client_method(); + if (flag & NET_TRYTLS1) +#ifndef OPENSSL_NO_TLS1_METHOD + return TLSv1_client_method(); #else - if(flag & NET_TRYTLS1) - return TLSv1_client_method(); -#endif /* OPENSSL_1_1_0 */ -#ifdef TLSV1_2 - else if(flag & NET_TRYTLS1_1) - return TLSv1_1_client_method(); - else if(flag & NET_TRYTLS1_2) - return TLSv1_2_client_method(); -#endif /* TLSV1_2 */ -#ifdef OPENSSL_1_1_0 - else if(flag & NET_TRYDTLS1) - return DTLS_client_method(); + return TLS_client_method(); +#endif /* OPENSSL_NO_TLS1_METHOD */ + + else if(flag & NET_TRYTLS1_1) +#ifndef OPENSSL_NO_TLS1_1_METHOD + return TLSv1_1_client_method(); +#else + return TLS_client_method(); +#endif /* OPENSSL_NO_TLS1_1_METHOD */ + + else if(flag & NET_TRYTLS1_2) +#ifndef OPENSSL_NO_TLS1_2_METHOD + return TLSv1_2_client_method(); #else + return TLS_client_method(); +#endif /* OPENSSL_NO_TLS1_2_METHOD */ + + else if(flag & NET_TRYTLS1_3) + return TLS_client_method(); + else if(flag & NET_TRYDTLS1) - return DTLSv1_client_method(); -#endif /* OPENSSL_1_1_0 */ +#ifndef OPENSSL_NO_DTLS1_METHOD + return DTLSv1_client_method(); +#else + return DTLS_client_method(); +#endif /* OPENSSL_NO_DTLS1_METHOD */ + + else if(flag & NET_TRYDTLS1_2) +#ifndef OPENSSL_NO_DTLS1_METHOD + return DTLSv1_2_client_method(); +#else + return DTLS_client_method(); +#endif /* OPENSSL_NO_DTLS1_METHOD */ + else return SSLv23_client_method(); } |