From c72743cf6139d6906337ddeac964eb79f644097e Mon Sep 17 00:00:00 2001
From: Matthias Andree <matthias.andree@gmx.de>
Date: Sat, 17 Jan 2015 01:15:31 +0100
Subject: TLS overhaul, bumping version to 6.4

Removes SSLv2, enables TLSv1.1 and v1.2 more easily,
permits SSLv3 (only if specified) and newer TLSv1.1+ for STLS/STARTTLS.
Only negotiates TLSv1 and newer by default, SSLv3 must now be specified
explicitly, as a consequence of the POODLE attack.

This is meant to be a minimally upgraded version, and cannot be usefully
done as a 6.3.X release.

It is strongly recommended that users review their configuration -
especially --sslproto - per instructions in the NEWS file and manual
page.  It has changed semantics and in many cases --sslproto auto or
perhaps --sslproto tls1.2+ should be used now.
---
 fetchmail.h | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'fetchmail.h')

diff --git a/fetchmail.h b/fetchmail.h
index f3e45144..52a1d4b9 100644
--- a/fetchmail.h
+++ b/fetchmail.h
@@ -774,9 +774,9 @@ int servport(const char *service);
 int fm_getaddrinfo(const char *node, const char *serv, const struct addrinfo *hints, struct addrinfo **res);
 void fm_freeaddrinfo(struct addrinfo *ai);
 
-/* prototypes from tls.c */
-int maybe_tls(struct query *ctl);
-int must_tls(struct query *ctl);
+/* prototypes from starttls.c */
+int maybe_starttls(struct query *ctl);
+int must_starttls(struct query *ctl);
 
 /* prototype from rfc822valid.c */
 int rfc822_valid_msgid(const unsigned char *);
-- 
cgit v1.2.3