summaryrefslogtreecommitdiffstats
path: root/debian/patches/tls_version.diff
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/tls_version.diff')
-rw-r--r--debian/patches/tls_version.diff28
1 files changed, 28 insertions, 0 deletions
diff --git a/debian/patches/tls_version.diff b/debian/patches/tls_version.diff
new file mode 100644
index 0000000..f028d24
--- /dev/null
+++ b/debian/patches/tls_version.diff
@@ -0,0 +1,28 @@
+Index: postfix/src/tls/tls_client.c
+===================================================================
+--- postfix.orig/src/tls/tls_client.c
++++ postfix/src/tls/tls_client.c
+@@ -414,6 +414,9 @@ TLS_APPL_STATE *tls_client_init(const TL
+ SSL_CTX_set_min_proto_version(client_ctx, 0);
+ #endif
+
++ /* Enable all supported protocols */
++ SSL_CTX_set_min_proto_version(client_ctx, 0);
++
+ /*
+ * Set the call-back routine for verbose logging.
+ */
+Index: postfix/src/tls/tls_server.c
+===================================================================
+--- postfix.orig/src/tls/tls_server.c
++++ postfix/src/tls/tls_server.c
+@@ -539,6 +539,9 @@ TLS_APPL_STATE *tls_server_init(const TL
+ if (protomask != 0)
+ SSL_CTX_set_options(server_ctx, TLS_SSL_OP_PROTOMASK(protomask));
+
++ /* Enable all supported protocols */
++ SSL_CTX_set_min_proto_version(server_ctx, 0);
++
+ /*
+ * Some sites may want to give the client less rope. On the other hand,
+ * this could trigger inter-operability issues, the client should not
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-27 11:59:52 +0000