aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--NEWS5
-rw-r--r--socket.c2
2 files changed, 5 insertions, 2 deletions
diff --git a/NEWS b/NEWS
index 34991c3f..39a5e97e 100644
--- a/NEWS
+++ b/NEWS
@@ -94,7 +94,10 @@ fetchmail-6.4.18 (not yet released):
* fetchmailconf: do not require fetchmail for -V. do not require Tk (Tkinter)
for -d option. This is to fail more gracefully on incomplete installs.
* TLS code: remove OPENSSL_NO_DEPRECATED macros to avoid portability issues
- with OpenSSL v3.
+ with OpenSSL v3 - these are for development purposes, not production.
+* TLS futureproofing: use SSL_use_PrivateKey_file instead of
+ SSL_use_RSAPrivateKey_file, the latter will be deprecated with OpenSSL v3,
+ and the user's key file might be something else than RSA.
--------------------------------------------------------------------------------
fetchmail-6.4.17 (released 2021-03-07, 29998 LoC):
diff --git a/socket.c b/socket.c
index a6d2fc53..326dc9cb 100644
--- a/socket.c
+++ b/socket.c
@@ -1232,7 +1232,7 @@ int SSLOpen(int sock, char *mycert, char *mykey, const char *myproto, int certck
*remotename = xstrdup(buffer);
}
SSL_use_certificate_file(_ssl_context[sock], mycert, SSL_FILETYPE_PEM);
- SSL_use_RSAPrivateKey_file(_ssl_context[sock], mykey, SSL_FILETYPE_PEM);
+ SSL_use_PrivateKey_file(_ssl_context[sock], mykey, SSL_FILETYPE_PEM);
}
if (SSL_set_fd(_ssl_context[sock], sock) == 0
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-16 11:47:39 +0000