diff options
| author | Hajimu UMEMOTO <ume@FreeBSD.org> | 2017-03-15 11:46:58 +0000 |
|---|---|---|
| committer | Hajimu UMEMOTO <ume@FreeBSD.org> | 2017-03-15 11:46:58 +0000 |
| commit | 339f02eabaf99ca237f85e1b3866a4b101d78912 (patch) | |
| tree | ae272a8cd5f8ab8487a4f29f9695a7348e191d4d /mail | |
| parent | e643f5ea511829b345410d7887837028f4ba1851 (diff) | |
Notes
Diffstat (limited to 'mail')
| -rw-r--r-- | mail/cyrus-imapd30/files/patch-imap__tls.c | 31 | ||||
| -rw-r--r-- | mail/cyrus-imapd30/files/patch-imtest__imtest.c | 12 |
2 files changed, 43 insertions, 0 deletions
diff --git a/mail/cyrus-imapd30/files/patch-imap__tls.c b/mail/cyrus-imapd30/files/patch-imap__tls.c new file mode 100644 index 000000000000..393fbbff7eef --- /dev/null +++ b/mail/cyrus-imapd30/files/patch-imap__tls.c @@ -0,0 +1,31 @@ +--- imap/tls.c.orig 2016-07-22 01:55:57 UTC ++++ imap/tls.c +@@ -222,7 +222,7 @@ static RSA *tmp_rsa_cb(SSL * s __attribu + } + #endif + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + /* replacements for new 1.1 API accessors */ + /* XXX probably put these somewhere central */ + static int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) +@@ -723,7 +723,9 @@ EXPORTED int tls_init_serverengine(c + off |= SSL_OP_ALL; /* Work around all known bugs */ + off |= SSL_OP_NO_SSLv2; /* Disable insecure SSLv2 */ + off |= SSL_OP_NO_SSLv3; /* Disable insecure SSLv3 */ ++#if (OPENSSL_VERSION_NUMBER >= 0x1000000fL) + off |= SSL_OP_NO_COMPRESSION; /* Disable TLS compression */ ++#endif // (OPENSSL_VERSION_NUMBER >= 0x1000000fL) + + const char *tls_versions = config_getstring(IMAPOPT_TLS_VERSIONS); + +@@ -1441,7 +1443,9 @@ HIDDEN int tls_init_clientengine(int ver + off |= SSL_OP_ALL; /* Work around all known bugs */ + off |= SSL_OP_NO_SSLv2; /* Disable insecure SSLv2 */ + off |= SSL_OP_NO_SSLv3; /* Disable insecure SSLv3 */ ++#if (OPENSSL_VERSION_NUMBER >= 0x1000000fL) + off |= SSL_OP_NO_COMPRESSION; /* Disable TLS compression */ ++#endif // (OPENSSL_VERSION_NUMBER >= 0x1000000fL) + + SSL_CTX_set_options(c_ctx, off); + SSL_CTX_set_info_callback(c_ctx, apps_ssl_info_callback); diff --git a/mail/cyrus-imapd30/files/patch-imtest__imtest.c b/mail/cyrus-imapd30/files/patch-imtest__imtest.c new file mode 100644 index 000000000000..2c80ed67bc66 --- /dev/null +++ b/mail/cyrus-imapd30/files/patch-imtest__imtest.c @@ -0,0 +1,12 @@ +--- imtest/imtest.c.orig 2015-11-30 06:30:33 UTC ++++ imtest/imtest.c +@@ -503,7 +503,9 @@ static int tls_init_clientengine(int ver + off |= SSL_OP_ALL; /* Work around all known bugs */ + off |= SSL_OP_NO_SSLv2; /* Disable insecure SSLv2 */ + off |= SSL_OP_NO_SSLv3; /* Disable insecure SSLv3 */ ++#if (OPENSSL_VERSION_NUMBER >= 0x1000000fL) + off |= SSL_OP_NO_COMPRESSION; /* Disable TLS compression */ ++#endif // (OPENSSL_VERSION_NUMBER >= 0x1000000fL) + SSL_CTX_set_options(tls_ctx, off); + SSL_CTX_set_info_callback(tls_ctx, apps_ssl_info_callback); + |