Skip to content

Commit

Permalink
tls: Use automatic DH parameter selection with OpenSSL 1.1.0 and later,
Browse files Browse the repository at this point in the history 
rather than only for 3.0.0+.
  • Loading branch information
@notroj
notroj committed Dec 2, 2024
1 parent fdf228c commit 48d35dc
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion imap/tls.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1020,7 +1020,7 @@ EXPORTED int tls_init_serverengine(const char *ident,
SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb);
#endif

#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
#if (OPENSSL_VERSION_NUMBER >= 0x10101000L)
SSL_CTX_set_dh_auto(s_ctx, 1);
#elif (OPENSSL_VERSION_NUMBER >= 0x0090800fL)
/* Load DH params for DHE-* key exchanges */
Expand Down
2 changes: 1 addition & 1 deletion lib/imapoptions
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3139,7 +3139,7 @@ product version in the capabilities

{ "tls_server_dhparam", NULL, STRING, "3.1.4" }
/* File containing the DH parameters belonging to the certificate in
tls_server_cert. Used by OpenSSL before version 3.0. */
tls_server_cert. Used by OpenSSL before version 1.1.1. */

{ "tls_server_key", NULL, STRING, "3.1.8" }
/* File containing the private key belonging to the certificate in
Expand Down

0 comments on commit 48d35dc

Please sign in to comment.