21 lines
926 B
Diff
21 lines
926 B
Diff
|
Index: libesmtp-1.0.6/smtp-tls.c
|
||
|
|
===================================================================
|
||
|
|
--- libesmtp-1.0.6.orig/smtp-tls.c
|
||
|
|
+++ libesmtp-1.0.6/smtp-tls.c
|
||
|
|
@@ -201,8 +201,13 @@ starttls_create_ctx (smtp_session_t sess
|
||
|
|
3207. Servers typically support SSL as well as TLS because some
|
||
|
|
versions of Netscape do not support TLS. I am assuming that all
|
||
|
|
currently deployed servers correctly support TLS. */
|
||
|
|
- ctx = SSL_CTX_new (TLSv1_client_method ());
|
||
|
|
-
|
||
|
|
+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
|
||
|
|
+ ctx = SSL_CTX_new (TLS_client_method());
|
||
|
|
+ SSL_CTX_set_min_proto_version(ctx, TLS1_VERSION);
|
||
|
|
+#else
|
||
|
|
+ ctx = SSL_CTX_new (SSLv23_client_method ());
|
||
|
|
+ SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
|
||
|
|
+#endif
|
||
|
|
/* Load our keys and certificates. To avoid messing with configuration
|
||
|
|
variables etc, use fixed paths for the certificate store. These are
|
||
|
|
as follows :-
|