aboutsummaryrefslogtreecommitdiffstats
path: root/socket.c
diff options
context:
space:
mode:
authorEric S. Raymond <esr@thyrsus.com>2001-03-03 21:04:30 +0000
committerEric S. Raymond <esr@thyrsus.com>2001-03-03 21:04:30 +0000
commit59f9b53799063574462dae2a34ebf34a89bc8bbf (patch)
tree55923b88bf9631fe19d38670a707fd2b5a44c60c /socket.c
parentf6ef1ccd435fcb05c3d13086b0227741ff1dbba8 (diff)
downloadfetchmail-59f9b53799063574462dae2a34ebf34a89bc8bbf.tar.gz
fetchmail-59f9b53799063574462dae2a34ebf34a89bc8bbf.tar.bz2
fetchmail-59f9b53799063574462dae2a34ebf34a89bc8bbf.zip
Added sslproto.
svn path=/trunk/; revision=3183
Diffstat (limited to 'socket.c')
-rw-r--r--socket.c18
1 files changed, 16 insertions, 2 deletions
diff --git a/socket.c b/socket.c
index 7d1a78e2..67f6953f 100644
--- a/socket.c
+++ b/socket.c
@@ -753,7 +753,7 @@ int SSL_verify_callback( int ok_return, X509_STORE_CTX *ctx )
* uses SSL *ssl global variable, which is currently defined
* in this file
*/
-int SSLOpen(int sock, char *mycert, char *mykey, char *servercname )
+int SSLOpen(int sock, char *mycert, char *mykey, char *myproto, char *servercname )
{
SSL_load_error_strings();
SSLeay_add_ssl_algorithms();
@@ -766,7 +766,21 @@ int SSLOpen(int sock, char *mycert, char *mykey, char *servercname )
if( ! _ctx ) {
/* Be picky and make sure the memory is cleared */
memset( _ssl_context, 0, sizeof( _ssl_context ) );
- _ctx = SSL_CTX_new(SSLv23_client_method());
+ if(myproto) {
+ if(!strcmp("ssl2",myproto)) {
+ _ctx = SSL_CTX_new(SSLv2_client_method());
+ } else if(!strcmp("ssl3",myproto)) {
+ _ctx = SSL_CTX_new(SSLv3_client_method());
+ } else if(!strcmp("tls1",myproto)) {
+ _ctx = SSL_CTX_new(TLSv1_client_method());
+ } else {
+ fprintf(stderr,_("Invalid SSL protocol '%s' specified, using default (SSLv23).\n"), myproto);
+ myproto = NULL;
+ }
+ }
+ if(!myproto) {
+ _ctx = SSL_CTX_new(SSLv23_client_method());
+ }
if(_ctx == NULL) {
ERR_print_errors_fp(stderr);
return(-1);
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-21 21:35:39 +0000