From a669e49d690441bf6e52984855a6fa15b46451d5 Mon Sep 17 00:00:00 2001 From: Eduardo Chappa Date: Fri, 5 Jul 2019 19:50:13 -0600 Subject: * Fix compilation error produced when a specific encryption protocol has been disabled during the compilation of the Openssl library. --- imap/src/osdep/unix/ssl_unix.c | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'imap/src/osdep/unix/ssl_unix.c') diff --git a/imap/src/osdep/unix/ssl_unix.c b/imap/src/osdep/unix/ssl_unix.c index 2362cc03..04da2d34 100644 --- a/imap/src/osdep/unix/ssl_unix.c +++ b/imap/src/osdep/unix/ssl_unix.c @@ -248,18 +248,43 @@ const SSL_METHOD *ssl_connect_mthd(int flag, int *min, int *max) if(client_request < *min || client_request > *max) return NIL; /* out of range? bail out */ + /* Some Linux distributors seem to believe that it is ok to disable some of + * these methods for their users, so we have to test that every requested + * method has actually been compiled in into their openssl/libressl library. + * Oh well... + */ #ifndef OPENSSL_1_1_0 if(client_request == SSL3_VERSION) +#ifndef OPENSSL_NO_SSL3_METHOD return SSLv3_client_method(); +#else + return NIL; +#endif /* OPENSSL_NO_SSL3_METHOD */ else if(client_request == TLS1_VERSION) +#ifndef OPENSSL_NO_TLS1_METHOD return TLSv1_client_method(); +#else + return NIL; +#endif /* OPENSSL_NO_TLS1_METHOD */ else if(client_request == TLS1_1_VERSION) +#ifndef OPENSSL_NO_TLS1_1_METHOD return TLSv1_1_client_method(); +#else + return NIL; +#endif /* OPENSSL_NO_TLS1_1_METHOD */ else if(client_request == TLS1_2_VERSION) +#ifndef OPENSSL_NO_TLS1_2_METHOD return TLSv1_2_client_method(); +#else + return NIL; +#endif /* OPENSSL_NO_TLS1_2_METHOD */ #ifdef TLS1_3_VERSION /* this is only reachable if TLS1_3 support exists */ else if(client_request == TLS1_3_VERSION) +#ifndef OPENSSL_NO_TLS1_3_METHOD return TLS_client_method(); +#else + return NIL; +#endif /* #ifndef OPENSSL_NO_TLS1_2_METHOD */ #endif /* TLS1_3_VERSION */ #endif /* ifndef OPENSSL_1_1_0 */ -- cgit v1.2.3-54-g00ecf