diff options
author | Eduardo Chappa <chappa@washington.edu> | 2019-07-05 19:50:13 -0600 |
---|---|---|
committer | Eduardo Chappa <chappa@washington.edu> | 2019-07-05 19:50:13 -0600 |
commit | a669e49d690441bf6e52984855a6fa15b46451d5 (patch) | |
tree | 7a4e051849c4bde454886045793c1b0cc8defcf3 /imap/src/osdep | |
parent | d8d2ee522af2fdb67476ca49f05bdcea045f1a73 (diff) | |
download | alpine-a669e49d690441bf6e52984855a6fa15b46451d5.tar.xz |
* Fix compilation error produced when a specific encryption protocol
has been disabled during the compilation of the Openssl library.
Diffstat (limited to 'imap/src/osdep')
-rw-r--r-- | imap/src/osdep/unix/ssl_unix.c | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/imap/src/osdep/unix/ssl_unix.c b/imap/src/osdep/unix/ssl_unix.c index 2362cc03..04da2d34 100644 --- a/imap/src/osdep/unix/ssl_unix.c +++ b/imap/src/osdep/unix/ssl_unix.c @@ -248,18 +248,43 @@ const SSL_METHOD *ssl_connect_mthd(int flag, int *min, int *max) if(client_request < *min || client_request > *max) return NIL; /* out of range? bail out */ + /* Some Linux distributors seem to believe that it is ok to disable some of + * these methods for their users, so we have to test that every requested + * method has actually been compiled in into their openssl/libressl library. + * Oh well... + */ #ifndef OPENSSL_1_1_0 if(client_request == SSL3_VERSION) +#ifndef OPENSSL_NO_SSL3_METHOD return SSLv3_client_method(); +#else + return NIL; +#endif /* OPENSSL_NO_SSL3_METHOD */ else if(client_request == TLS1_VERSION) +#ifndef OPENSSL_NO_TLS1_METHOD return TLSv1_client_method(); +#else + return NIL; +#endif /* OPENSSL_NO_TLS1_METHOD */ else if(client_request == TLS1_1_VERSION) +#ifndef OPENSSL_NO_TLS1_1_METHOD return TLSv1_1_client_method(); +#else + return NIL; +#endif /* OPENSSL_NO_TLS1_1_METHOD */ else if(client_request == TLS1_2_VERSION) +#ifndef OPENSSL_NO_TLS1_2_METHOD return TLSv1_2_client_method(); +#else + return NIL; +#endif /* OPENSSL_NO_TLS1_2_METHOD */ #ifdef TLS1_3_VERSION /* this is only reachable if TLS1_3 support exists */ else if(client_request == TLS1_3_VERSION) +#ifndef OPENSSL_NO_TLS1_3_METHOD return TLS_client_method(); +#else + return NIL; +#endif /* #ifndef OPENSSL_NO_TLS1_2_METHOD */ #endif /* TLS1_3_VERSION */ #endif /* ifndef OPENSSL_1_1_0 */ |