diff options
author | Eduardo Chappa <chappa@washington.edu> | 2018-09-29 22:59:37 -0600 |
---|---|---|
committer | Eduardo Chappa <chappa@washington.edu> | 2018-09-29 22:59:37 -0600 |
commit | 924c47dd50a7b74136b8a60e9ea8d347ff65425b (patch) | |
tree | bcbaaeb98807a7cb12bf16188c66a5ea938d0255 /imap/src/osdep | |
parent | 879f42fa445aa684ffbab7d404941a9d24a4863a (diff) | |
download | alpine-924c47dd50a7b74136b8a60e9ea8d347ff65425b.tar.xz |
* Add the /tls1_3 modifier to establish connections use the TLS protocol
version 1.3.
Diffstat (limited to 'imap/src/osdep')
-rw-r--r-- | imap/src/osdep/nt/ssl_nt.c | 73 | ||||
-rw-r--r-- | imap/src/osdep/unix/ssl_unix.c | 67 |
2 files changed, 103 insertions, 37 deletions
diff --git a/imap/src/osdep/nt/ssl_nt.c b/imap/src/osdep/nt/ssl_nt.c index d352980e..b4d7e1d2 100644 --- a/imap/src/osdep/nt/ssl_nt.c +++ b/imap/src/osdep/nt/ssl_nt.c @@ -37,15 +37,30 @@ #ifdef OPENSSL_1_1_0 #include <rsa.h> #include <bn.h> +#ifdef TLSv1_client_method +#undef TLSv1_client_method +#endif /* TLSv1_client_method */ #ifdef TLSv1_1_client_method -#undef TLSv1_1_client_method +#undef TLSv1_1_client_method #endif /* TLSv1_1_client_method */ #ifdef TLSv1_2_client_method #undef TLSv1_2_client_method #endif /* TLSv1_2_client_method */ +#ifdef DTLSv1_client_method +#undef DTLSv1_client_method +#endif /* DTLSv1_client_method */ +#ifdef DTLSv1_2_client_method +#undef DTLSv1_2_client_method +#endif /* DTLSv1_2_client_method */ +#define TLSv1_client_method TLS_client_method #define TLSv1_1_client_method TLS_client_method #define TLSv1_2_client_method TLS_client_method -#endif /* OPENSSL_1_1_0 */ +#define DTLSv1_client_method DTLS_client_method +#define DTLSv1_2_client_method DTLS_client_method +#endif /* OPENSSL_1_1_0 */ +#ifndef DTLSv1_2_client_method +#define DTLSv1_2_client_method DTLSv1_client_method +#endif /* DTLSv1_2_client_method */ #undef STRING #undef crypt @@ -187,26 +202,44 @@ SSLSTREAM *ssl_aopen (NETMBX *mb,char *service,char *usrbuf) */ const SSL_METHOD *ssl_connect_mthd(int flag) { -#ifdef OPENSSL_1_1_0 - if(flag & NET_TRYTLS1) - return TLS_client_method(); + if (flag & NET_TRYTLS1) +#ifndef OPENSSL_NO_TLS1_METHOD + return TLSv1_client_method(); #else - if(flag & NET_TRYTLS1) - return TLSv1_client_method(); -#endif /* OPENSSL_1_1_0 */ -#ifdef TLSV1_2 - else if(flag & NET_TRYTLS1_1) - return TLSv1_1_client_method(); - else if(flag & NET_TRYTLS1_2) - return TLSv1_2_client_method(); -#endif /* TLSV1_2 */ -#ifdef OPENSSL_1_1_0 - else if(flag & NET_TRYDTLS1) - return DTLS_client_method(); + return TLS_client_method(); +#endif /* OPENSSL_NO_TLS1_METHOD */ + + else if(flag & NET_TRYTLS1_1) +#ifndef OPENSSL_NO_TLS1_1_METHOD + return TLSv1_1_client_method(); #else - else if(flag & NET_TRYDTLS1) - return DTLSv1_client_method(); -#endif /* OPENSSL_1_1_0 */ + return TLS_client_method(); +#endif /* OPENSSL_NO_TLS1_1_METHOD */ + + else if(flag & NET_TRYTLS1_2) +#ifndef OPENSSL_NO_TLS1_2_METHOD + return TLSv1_2_client_method(); +#else + return TLS_client_method(); +#endif /* OPENSSL_NO_TLS1_2_METHOD */ + + else if(flag & NET_TRYTLS1_3) + return TLS_client_method(); + + else if(flag & NET_TRYDTLS1) +#ifndef OPENSSL_NO_DTLS1_METHOD + return DTLSv1_client_method(); +#else + return DTLS_client_method(); +#endif /* OPENSSL_NO_DTLS1_METHOD */ + + else if(flag & NET_TRYDTLS1_2) +#ifndef OPENSSL_NO_DTLS1_METHOD + return DTLSv1_2_client_method(); +#else + return DTLS_client_method(); +#endif /* OPENSSL_NO_DTLS1_METHOD */ + else return SSLv23_client_method(); } diff --git a/imap/src/osdep/unix/ssl_unix.c b/imap/src/osdep/unix/ssl_unix.c index 4c4d6ef8..ffd37775 100644 --- a/imap/src/osdep/unix/ssl_unix.c +++ b/imap/src/osdep/unix/ssl_unix.c @@ -36,15 +36,30 @@ #ifdef OPENSSL_1_1_0 #include <rsa.h> #include <bn.h> +#ifdef TLSv1_client_method +#undef TLSv1_client_method +#endif /* TLSv1_client_method */ #ifdef TLSv1_1_client_method #undef TLSv1_1_client_method #endif /* TLSv1_1_client_method */ #ifdef TLSv1_2_client_method #undef TLSv1_2_client_method #endif /* TLSv1_2_client_method */ +#ifdef DTLSv1_client_method +#undef DTLSv1_client_method +#endif /* DTLSv1_client_method */ +#ifdef DTLSv1_2_client_method +#undef DTLSv1_2_client_method +#endif /* DTLSv1_2_client_method */ +#define TLSv1_client_method TLS_client_method #define TLSv1_1_client_method TLS_client_method #define TLSv1_2_client_method TLS_client_method +#define DTLSv1_client_method DTLS_client_method +#define DTLSv1_2_client_method DTLS_client_method #endif /* OPENSSL_1_1_0 */ +#ifndef DTLSv1_2_client_method +#define DTLSv1_2_client_method DTLSv1_client_method +#endif /* DTLSv1_2_client_method */ #undef STRING #undef crypt @@ -186,26 +201,44 @@ SSLSTREAM *ssl_aopen (NETMBX *mb,char *service,char *usrbuf) */ const SSL_METHOD *ssl_connect_mthd(int flag) { -#ifdef OPENSSL_1_1_0 - if(flag & NET_TRYTLS1) - return TLS_client_method(); + if (flag & NET_TRYTLS1) +#ifndef OPENSSL_NO_TLS1_METHOD + return TLSv1_client_method(); #else - if(flag & NET_TRYTLS1) - return TLSv1_client_method(); -#endif /* OPENSSL_1_1_0 */ -#ifdef TLSV1_2 - else if(flag & NET_TRYTLS1_1) - return TLSv1_1_client_method(); - else if(flag & NET_TRYTLS1_2) - return TLSv1_2_client_method(); -#endif /* TLSV1_2 */ -#ifdef OPENSSL_1_1_0 - else if(flag & NET_TRYDTLS1) - return DTLS_client_method(); + return TLS_client_method(); +#endif /* OPENSSL_NO_TLS1_METHOD */ + + else if(flag & NET_TRYTLS1_1) +#ifndef OPENSSL_NO_TLS1_1_METHOD + return TLSv1_1_client_method(); +#else + return TLS_client_method(); +#endif /* OPENSSL_NO_TLS1_1_METHOD */ + + else if(flag & NET_TRYTLS1_2) +#ifndef OPENSSL_NO_TLS1_2_METHOD + return TLSv1_2_client_method(); #else + return TLS_client_method(); +#endif /* OPENSSL_NO_TLS1_2_METHOD */ + + else if(flag & NET_TRYTLS1_3) + return TLS_client_method(); + else if(flag & NET_TRYDTLS1) - return DTLSv1_client_method(); -#endif /* OPENSSL_1_1_0 */ +#ifndef OPENSSL_NO_DTLS1_METHOD + return DTLSv1_client_method(); +#else + return DTLS_client_method(); +#endif /* OPENSSL_NO_DTLS1_METHOD */ + + else if(flag & NET_TRYDTLS1_2) +#ifndef OPENSSL_NO_DTLS1_METHOD + return DTLSv1_2_client_method(); +#else + return DTLS_client_method(); +#endif /* OPENSSL_NO_DTLS1_METHOD */ + else return SSLv23_client_method(); } |