cubixle/packages
1
0
Fork 0
mirror of https://github.com/novatiq/packages.git synced 2026-04-30 15:38:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

sendmail: Add OpenSSL 1.1 support

Browse Source 
First patch is from Debian and enables OpenSSL 1.1 support.

Second patch is a fix for OpenSSL 1.1 ECC curves.

Third patch allows compilation without deprecated APIs.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
This commit is contained in:
Rosen Penev
2018-12-02 17:14:38 -08:00
parent d26f7e5a47
commit 035f7deb2d
4 changed files with 352 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
mail/sendmail/patches/201-openssl-1.1.1-ecdhe.patch
+20
View File
@@ -0,0 +1,20 @@
Not needed for 8.16
--- a/sendmail/tls.c
+++ b/sendmail/tls.c
@@ -1325,13 +1325,8 @@ inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhpar
}
#if _FFR_TLS_EC
- ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
- if (ecdh != NULL)
- {
- SSL_CTX_set_options(*ctx, SSL_OP_SINGLE_ECDH_USE);
- SSL_CTX_set_tmp_ecdh(*ctx, ecdh);
- EC_KEY_free(ecdh);
- }
+ SSL_CTX_set_options(*ctx, SSL_OP_SINGLE_ECDH_USE);
+ SSL_CTX_set_ecdh_auto(*ctx, 1);
#endif /* _FFR_TLS_EC */
}