Adding debian version 3.4.23-0+deb10u1.debian/3.4.23-0+deb10u1

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 28 insertions, 0 deletions

diff --git a/debian/patches/tls_version.diff b/debian/patches/tls_version.diff
new file mode 100644
index 0000000..f028d24
--- /dev/null
+++ b/debian/patches/tls_version.diff
@@ -0,0 +1,28 @@
+Index: postfix/src/tls/tls_client.c
+===================================================================
+--- postfix.orig/src/tls/tls_client.c
++++ postfix/src/tls/tls_client.c
+@@ -414,6 +414,9 @@ TLS_APPL_STATE *tls_client_init(const TL
+     SSL_CTX_set_min_proto_version(client_ctx, 0);
+ #endif
+ 
++    /* Enable all supported protocols */
++    SSL_CTX_set_min_proto_version(client_ctx, 0);
++
+     /*
+      * Set the call-back routine for verbose logging.
+      */
+Index: postfix/src/tls/tls_server.c
+===================================================================
+--- postfix.orig/src/tls/tls_server.c
++++ postfix/src/tls/tls_server.c
+@@ -539,6 +539,9 @@ TLS_APPL_STATE *tls_server_init(const TL
+     if (protomask != 0)
+ 	SSL_CTX_set_options(server_ctx, TLS_SSL_OP_PROTOMASK(protomask));
+ 
++    /* Enable all supported protocols */
++    SSL_CTX_set_min_proto_version(server_ctx, 0);
++
+     /*
+      * Some sites may want to give the client less rope. On the other hand,
+      * this could trigger inter-operability issues, the client should not