1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
--- a/src/imapfilter.c.orig 2014-11-17 00:36:40.000000000 +0000
+++ b/src/imapfilter.c 2015-12-27 11:04:14.643145411 +0000
@@ -21,7 +21,10 @@
extern buffer ibuf, obuf, nbuf, cbuf;
extern regexp responses[];
-extern SSL_CTX *ssl3ctx, *ssl23ctx, *tls1ctx;
+extern SSL_CTX *ssl23ctx, *tls1ctx;
+#ifndef OPENSSL_NO_SSL3_METHOD
+extern SSL_CTX *ssl3ctx;
+#endif
#if OPENSSL_VERSION_NUMBER >= 0x01000100fL
extern SSL_CTX *tls11ctx, *tls12ctx;
#endif
@@ -51,7 +54,7 @@
opts.config = NULL;
opts.oneline = NULL;
opts.debug = NULL;
- opts.truststore = "/etc/ssl/certs";
+ opts.truststore = "/etc/ssl/cert.pem";
env.home = NULL;
env.pathmax = -1;
@@ -108,7 +111,9 @@
SSL_library_init();
SSL_load_error_strings();
+#ifndef OPENSSL_NO_SSL3_METHOD
ssl3ctx = SSL_CTX_new(SSLv3_client_method());
+#endif
ssl23ctx = SSL_CTX_new(SSLv23_client_method());
tls1ctx = SSL_CTX_new(TLSv1_client_method());
#if OPENSSL_VERSION_NUMBER >= 0x01000100fL
@@ -116,7 +121,9 @@
tls12ctx = SSL_CTX_new(TLSv1_2_client_method());
#endif
if (exists_dir(opts.truststore)) {
+#ifndef OPENSSL_NO_SSL3_METHOD
SSL_CTX_load_verify_locations(ssl3ctx, NULL, opts.truststore);
+#endif
SSL_CTX_load_verify_locations(ssl23ctx, NULL, opts.truststore);
SSL_CTX_load_verify_locations(tls1ctx, NULL, opts.truststore);
#if OPENSSL_VERSION_NUMBER >= 0x01000100fL
@@ -142,7 +149,9 @@
#endif
stop_lua();
+#ifndef OPENSSL_NO_SSL3_METHOD
SSL_CTX_free(ssl3ctx);
+#endif
SSL_CTX_free(ssl23ctx);
SSL_CTX_free(tls1ctx);
#if OPENSSL_VERSION_NUMBER >= 0x01000100fL
|
