pool/mailx
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
mailx/mailx-12.5-openssl-1.1.0f.patch
Dr. Werner Fink bfa610b01a . 
OBS-URL: https://build.opensuse.org/package/show/server:mail/mailx?expand=0&rev=54
2017-06-13 10:12:52 +00:00

85 lines
2.2 KiB
Diff
Raw Blame History

---
mailx.1 | 5 +++++
openssl.c | 29 ++++++++++++++++++++++++++---
2 files changed, 31 insertions(+), 3 deletions(-)
--- mailx.1
+++ mailx.1 2017-06-13 10:10:21.024015088 +0000
@@ -2723,6 +2723,8 @@ Only applicable if SSL/TLS support is bu
Accept SSLv2 connections.
These are normally not allowed
because this protocol version is insecure.
+.br
+.B WARNING: on modern systems SSLv2 as well as SSLv3 are deprecated!
.TP
.B stealthmua
Inhibits the generation of
@@ -3609,6 +3611,9 @@ for a specific account.
Gives the pathname to an entropy daemon socket,
see
.IR RAND_egd (3).
+.br
+.B WARNING: On Linux this API is ignored, use the string option
+.B ssl-rand-file.
.TP
.B ssl-rand-file
Gives the pathname to a file with entropy data,
--- openssl.c
+++ openssl.c 2017-06-13 10:05:15.133697760 +0000
@@ -138,7 +138,12 @@ ssl_rand_init(void)
if ((cp = value("ssl-rand-egd")) != NULL) {
cp = expand(cp);
- if (RAND_egd(cp) == -1) {
+#ifndef OPENSSL_NO_EGD
+ if (RAND_egd(cp) == -1)
+#else
+ if (1)
+#endif
+ {
fprintf(stderr, catgets(catd, CATSET, 245,
"entropy daemon at \"%s\" not available\n"),
cp);
@@ -221,12 +226,13 @@ ssl_select_method(const char *uhp)
cp = ssl_method_string(uhp);
if (cp != NULL) {
+#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x1010006fL
#ifndef OPENSSL_NO_SSL2
if (equal(cp, "ssl2"))
method = SSLv2_client_method();
else
-#endif
- if (equal(cp, "ssl3"))
+#endif
+ if (equal(cp, "ssl3"))
method = SSLv3_client_method();
else if (equal(cp, "tls1"))
method = TLSv1_client_method();
@@ -235,8 +241,25 @@ ssl_select_method(const char *uhp)
"Invalid SSL method \"%s\"\n"), cp);
method = SSLv23_client_method();
}
+#else
+ method = NULL;
+ if (equal(cp, "tls"))
+ method = TLS_client_method();
+ else if (equal(cp, "dtls"))
+ method = DTLS_client_method();
+
+ if (!method) {
+ fprintf(stderr, catgets(catd, CATSET, 244,
+ "Invalid SSL method \"%s\"\n"), cp);
+ method = TLS_client_method();
+ }
+#endif
} else
+#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x1010006fL
method = SSLv23_client_method();
+#else
+ method = TLS_client_method();
+#endif
return method;
}
Reference in New Issue View Git Blame Copy Permalink