From de45ea41e6143bbdd3065488af6cd89f66b2e25b Mon Sep 17 00:00:00 2001 From: Pierre Habouzit Date: Fri, 11 Jan 2008 23:23:39 +0100 Subject: [PATCH 1/1] remove useless ssl options Signed-off-by: Pierre Habouzit --- lib-sys/mutt_ssl.cpkg | 28 +--------------------------- 1 file changed, 1 insertion(+), 27 deletions(-) diff --git a/lib-sys/mutt_ssl.cpkg b/lib-sys/mutt_ssl.cpkg index 4dddccd..5623938 100644 --- a/lib-sys/mutt_ssl.cpkg +++ b/lib-sys/mutt_ssl.cpkg @@ -44,20 +44,6 @@ ** This variables specifies whether to attempt to use SSLv3 in the ** SSL authentication process. */ - bool use_tlsv1 = 1; - /* - ** .pp - ** This variables specifies whether to attempt to use TLSv1 in the - ** SSL authentication process. - */ - - int min_dh_prime_bits = 0; - /* - ** .pp - ** This variable specifies the minimum acceptable prime size (in bits) - ** for use in any Diffie-Hellman key exchange. A value of 0 will use - ** the default from the GNUTLS library. - */ path_t cert_file = luaM_pathnew("~/.cache/madmutt/certificates"); /* @@ -244,15 +230,7 @@ static int tls_negotiate (CONNECTION * conn) gnutls_transport_set_ptr (data->state, (gnutls_transport_ptr)(intptr_t)conn->fd); /* disable TLS/SSL protocols as needed */ - if (!mod_ssl.use_tlsv1 && !mod_ssl.use_sslv3) { - mutt_error (_("All available protocols for TLS/SSL connection disabled")); - goto fail; - } - else if (!mod_ssl.use_tlsv1) { - protocol_priority[0] = GNUTLS_SSL3; - protocol_priority[1] = 0; - } - else if (!mod_ssl.use_sslv3) { + if (!mod_ssl.use_sslv3) { protocol_priority[0] = GNUTLS_TLS1; protocol_priority[1] = 0; } @@ -266,10 +244,6 @@ static int tls_negotiate (CONNECTION * conn) gnutls_set_default_priority (data->state); gnutls_protocol_set_priority (data->state, protocol_priority); - if (mod_ssl.min_dh_prime_bits > 0) { - gnutls_dh_set_prime_bits(data->state, mod_ssl.min_dh_prime_bits); - } - /* gnutls_set_cred (data->state, GNUTLS_ANON, NULL); */ -- 2.20.1