** since it would otherwise have to abort the connection anyway. This
** option supersedes ``$$ssl_starttls''.
*/
- bool starttls = 1;
- /*
- ** .pp
- ** If \fIset\fP (the default), Madmutt will attempt to use STARTTLS on servers
- ** advertising the capability. When \fIunset\fP, Madmutt will not attempt to
- ** use STARTTLS regardless of the server's capabilities.
- */
bool use_sslv3 = 1;
/*
** .pp
** This variables specifies whether to attempt to use SSLv3 in the
** SSL authentication process.
*/
- bool use_tlsv1 = 1;
- /*
- ** .pp
- ** This variables specifies whether to attempt to use TLSv1 in the
- ** SSL authentication process.
- */
-
- int min_dh_prime_bits = 0;
- /*
- ** .pp
- ** This variable specifies the minimum acceptable prime size (in bits)
- ** for use in any Diffie-Hellman key exchange. A value of 0 will use
- ** the default from the GNUTLS library.
- */
path_t cert_file = luaM_pathnew("~/.cache/madmutt/certificates");
/*
gnutls_transport_set_ptr (data->state, (gnutls_transport_ptr)(intptr_t)conn->fd);
/* disable TLS/SSL protocols as needed */
- if (!mod_ssl.use_tlsv1 && !mod_ssl.use_sslv3) {
- mutt_error (_("All available protocols for TLS/SSL connection disabled"));
- goto fail;
- }
- else if (!mod_ssl.use_tlsv1) {
- protocol_priority[0] = GNUTLS_SSL3;
- protocol_priority[1] = 0;
- }
- else if (!mod_ssl.use_sslv3) {
+ if (!mod_ssl.use_sslv3) {
protocol_priority[0] = GNUTLS_TLS1;
protocol_priority[1] = 0;
}
gnutls_set_default_priority (data->state);
gnutls_protocol_set_priority (data->state, protocol_priority);
- if (mod_ssl.min_dh_prime_bits > 0) {
- gnutls_dh_set_prime_bits(data->state, mod_ssl.min_dh_prime_bits);
- }
-
/*
gnutls_set_cred (data->state, GNUTLS_ANON, NULL);
*/
projects / apps / madmutt.git / blobdiff