From 32426d892c92cfb61dfb5f7ba9811232c9400ab9 Mon Sep 17 00:00:00 2001
From: wwp <wwp@free.fr>
Date: Thu, 12 Apr 2018 17:35:04 +0200
Subject: [PATCH] Disable SSLv3 in libspamc.c (patch from Debian spamassassin
 package).

---
 src/plugins/spamassassin/libspamc.c | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/src/plugins/spamassassin/libspamc.c b/src/plugins/spamassassin/libspamc.c
index 0be68e8c3..623c1ab33 100644
--- a/src/plugins/spamassassin/libspamc.c
+++ b/src/plugins/spamassassin/libspamc.c
@@ -1188,7 +1188,7 @@ int message_filter(struct transport *tp, const char *username,
     unsigned int throwaway;
     SSL_CTX *ctx = NULL;
     SSL *ssl = NULL;
-    SSL_METHOD *meth;
+    const SSL_METHOD *meth;
     char zlib_on = 0;
     unsigned char *zlib_buf = NULL;
     int zlib_bufsiz = 0;
@@ -1214,11 +1214,7 @@ int message_filter(struct transport *tp, const char *username,
     if (flags & SPAMC_USE_SSL) {
 #ifdef SPAMC_SSL
 	SSLeay_add_ssl_algorithms();
-	if (flags & SPAMC_TLSV1) {
-	    meth = TLSv1_client_method();
-	} else {
-	    meth = SSLv3_client_method(); /* default */
-	}
+	meth = SSLv23_client_method();
 	SSL_load_error_strings();
 	ctx = SSL_CTX_new(meth);
 #else
@@ -1597,7 +1593,7 @@ int message_tell(struct transport *tp, const char *username, int flags,
     int failureval;
     SSL_CTX *ctx = NULL;
     SSL *ssl = NULL;
-    SSL_METHOD *meth;
+    const SSL_METHOD *meth;
 
     assert(tp != NULL);
     assert(m != NULL);
@@ -1605,7 +1601,7 @@ int message_tell(struct transport *tp, const char *username, int flags,
     if (flags & SPAMC_USE_SSL) {
 #ifdef SPAMC_SSL
 	SSLeay_add_ssl_algorithms();
-	meth = SSLv3_client_method();
+	meth = SSLv23_client_method();
 	SSL_load_error_strings();
 	ctx = SSL_CTX_new(meth);
 #else
-- 
2.25.1