Don't differentiate the protocols used when using direct SSL/TLS versus STARTTLS
authorPaul <paul@claws-mail.org>
Thu, 28 Aug 2014 09:55:41 +0000 (10:55 +0100)
committerPaul <paul@claws-mail.org>
Thu, 28 Aug 2014 09:55:41 +0000 (10:55 +0100)
Patch by Alessandro Di Federico

AUTHORS
src/common/session.c
src/common/ssl.c
src/common/ssl.h
src/gtk/authors.h

diff --git a/AUTHORS b/AUTHORS
index 04b8f75..52adcdc 100644 (file)
--- a/AUTHORS
+++ b/AUTHORS
@@ -307,3 +307,4 @@ contributors (in addition to the above; based on Changelog)
        Christoph Ruegge
        Igor Gnatenko
        Kevin Day
+       Alessandro Di Federico
index 959c7a2..6926d76 100644 (file)
@@ -378,7 +378,7 @@ gint session_start_tls(Session *session)
        if (nb_mode)
                sock_set_nonblocking_mode(session->sock, FALSE);
 
-       if (!ssl_init_socket_with_method(session->sock, SSL_METHOD_TLSv1)) {
+       if (!ssl_init_socket(session->sock)) {
                g_warning("couldn't start TLS session.\n");
                if (nb_mode)
                        sock_set_nonblocking_mode(session->sock, session->nonblocking);
index c56a948..f612299 100644 (file)
@@ -255,11 +255,6 @@ static gint SSL_connect_nb(gnutls_session_t ssl)
 #endif
 }
 
-gboolean ssl_init_socket(SockInfo *sockinfo)
-{
-       return ssl_init_socket_with_method(sockinfo, SSL_METHOD_SSLv23);
-}
-
 gnutls_x509_crt_t *ssl_get_certificate_chain(gnutls_session_t session, gint *list_len)
 {
        const gnutls_datum_t *raw_cert_list;
@@ -307,7 +302,7 @@ gnutls_x509_crt_t *ssl_get_certificate_chain(gnutls_session_t session, gint *lis
        return certs;
 }
 
-gboolean ssl_init_socket_with_method(SockInfo *sockinfo, SSLMethod method)
+gboolean ssl_init_socket(SockInfo *sockinfo)
 {
        gnutls_session_t session;
        int r, i;
@@ -328,10 +323,7 @@ gboolean ssl_init_socket_with_method(SockInfo *sockinfo, SSLMethod method)
                            sockinfo->gnutls_priority, r);
        }
        else {
-               if (method == 0)
-                       gnutls_priority_set_direct(session, "NORMAL:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-TLS1.2", NULL);
-               else
-                       gnutls_priority_set_direct(session, "NORMAL", NULL);
+               gnutls_priority_set_direct(session, "NORMAL", NULL);
        }
        gnutls_record_disable_padding(session);
 
index f180d55..185faca 100644 (file)
@@ -37,16 +37,9 @@ typedef enum {
 #include <gnutls/x509.h>
 #include "socket.h"
 
-typedef enum {
-       SSL_METHOD_SSLv23,
-       SSL_METHOD_TLSv1
-} SSLMethod;
-
 void ssl_init                          (void);
 void ssl_done                          (void);
 gboolean ssl_init_socket               (SockInfo       *sockinfo);
-gboolean ssl_init_socket_with_method   (SockInfo       *sockinfo,
-                                        SSLMethod       method);
 void ssl_done_socket                   (SockInfo       *sockinfo);
 
 typedef struct _SSLClientCertHookData SSLClientCertHookData;
index cbfc14d..7e6af84 100644 (file)
@@ -125,6 +125,7 @@ static char *CONTRIBS_LIST[] = {
 "Leonid Evdokimov",
 "Xavier FACQ",
 "Tiago Faria",
+"Alessandro Di Federico",
 "Lars Persson Fink",
 "Bob Forsman",
 "Matthias Förste",