-
-
Notifications
You must be signed in to change notification settings - Fork 2
/
neomutt-ssl_ciphers.patch
94 lines (90 loc) · 2.9 KB
/
neomutt-ssl_ciphers.patch
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
From 0b879568e94065074a02f9650216c48a1f681702 Mon Sep 17 00:00:00 2001
From: Richard Russon <rich@flatcap.org>
Date: Wed, 1 Jun 2016 21:38:22 +0100
Subject: neomutt-ssl_ciphers
---
conn/config.c | 2 +-
conn/gnutls.c | 59 +++++++++++++++++++++++++++------------------------
2 files changed, 32 insertions(+), 29 deletions(-)
diff --git a/conn/config.c b/conn/config.c
index a97ba08c3..4627b260c 100644
--- a/conn/config.c
+++ b/conn/config.c
@@ -66,7 +66,7 @@ static struct ConfigDef ConnVarsSsl[] = {
{ "certificate_file", DT_PATH|D_PATH_FILE, IP "~/.mutt_certificates", 0, NULL,
"File containing trusted certificates"
},
- { "ssl_ciphers", DT_STRING, 0, 0, NULL,
+ { "ssl_ciphers", DT_STRING, IP "@SYSTEM", 0, NULL,
"Ciphers to use when using SSL"
},
{ "ssl_client_cert", DT_PATH|D_PATH_FILE, 0, 0, NULL,
diff --git a/conn/gnutls.c b/conn/gnutls.c
index 4d4a80892..bcf4ea831 100644
--- a/conn/gnutls.c
+++ b/conn/gnutls.c
@@ -762,35 +762,38 @@ static int tls_set_priority(struct TlsSockData *data)
else
buf_strcpy(priority, "NORMAL");
- const bool c_ssl_use_tlsv1_3 = cs_subset_bool(NeoMutt->sub, "ssl_use_tlsv1_3");
- if (!c_ssl_use_tlsv1_3)
+ if (mutt_str_equal(c_ssl_ciphers, "@SYSTEM"))
{
- nproto--;
- buf_addstr(priority, ":-VERS-TLS1.3");
- }
- const bool c_ssl_use_tlsv1_2 = cs_subset_bool(NeoMutt->sub, "ssl_use_tlsv1_2");
- if (!c_ssl_use_tlsv1_2)
- {
- nproto--;
- buf_addstr(priority, ":-VERS-TLS1.2");
- }
- const bool c_ssl_use_tlsv1_1 = cs_subset_bool(NeoMutt->sub, "ssl_use_tlsv1_1");
- if (!c_ssl_use_tlsv1_1)
- {
- nproto--;
- buf_addstr(priority, ":-VERS-TLS1.1");
- }
- const bool c_ssl_use_tlsv1 = cs_subset_bool(NeoMutt->sub, "ssl_use_tlsv1");
- if (!c_ssl_use_tlsv1)
- {
- nproto--;
- buf_addstr(priority, ":-VERS-TLS1.0");
- }
- const bool c_ssl_use_sslv3 = cs_subset_bool(NeoMutt->sub, "ssl_use_sslv3");
- if (!c_ssl_use_sslv3)
- {
- nproto--;
- buf_addstr(priority, ":-VERS-SSL3.0");
+ const bool c_ssl_use_tlsv1_3 = cs_subset_bool(NeoMutt->sub, "ssl_use_tlsv1_3");
+ if (!c_ssl_use_tlsv1_3)
+ {
+ nproto--;
+ buf_addstr(priority, ":-VERS-TLS1.3");
+ }
+ const bool c_ssl_use_tlsv1_2 = cs_subset_bool(NeoMutt->sub, "ssl_use_tlsv1_2");
+ if (!c_ssl_use_tlsv1_2)
+ {
+ nproto--;
+ buf_addstr(priority, ":-VERS-TLS1.2");
+ }
+ const bool c_ssl_use_tlsv1_1 = cs_subset_bool(NeoMutt->sub, "ssl_use_tlsv1_1");
+ if (!c_ssl_use_tlsv1_1)
+ {
+ nproto--;
+ buf_addstr(priority, ":-VERS-TLS1.1");
+ }
+ const bool c_ssl_use_tlsv1 = cs_subset_bool(NeoMutt->sub, "ssl_use_tlsv1");
+ if (!c_ssl_use_tlsv1)
+ {
+ nproto--;
+ buf_addstr(priority, ":-VERS-TLS1.0");
+ }
+ const bool c_ssl_use_sslv3 = cs_subset_bool(NeoMutt->sub, "ssl_use_sslv3");
+ if (!c_ssl_use_sslv3)
+ {
+ nproto--;
+ buf_addstr(priority, ":-VERS-SSL3.0");
+ }
}
if (nproto == 0)