From: Viktor Dukhovni <postfix-users@dukhovni.org>
Date: Sun, 10 Jan 2016 08:36:05 +0000 (-0500)
Subject: Bitrot: SSLv2 dropped in OpenSSL 1.1.0
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cda8a0d915d2d251911e89a151cb74245e61a8e9;p=thirdparty%2Fpostfix.git

Bitrot: SSLv2 dropped in OpenSSL 1.1.0
---

diff --git a/postfix/src/tls/tls.h b/postfix/src/tls/tls.h
index 5b4851d39..4df80b852 100644
--- a/postfix/src/tls/tls.h
+++ b/postfix/src/tls/tls.h
@@ -297,24 +297,53 @@ extern void tls_param_init(void);
   * Protocol selection.
   */
 #define TLS_PROTOCOL_INVALID	(~0)	/* All protocol bits masked */
+
+#ifdef SSL_TXT_SSLV2
 #define TLS_PROTOCOL_SSLv2	(1<<0)	/* SSLv2 */
+#else
+#define SSL_TXT_SSLV2		"SSLv2"
+#define TLS_PROTOCOL_SSLv2	0	/* Unknown */
+#undef  SSL_OP_NO_SSLv2
+#define SSL_OP_NO_SSLv2		0L	/* Noop */
+#endif
+
+#ifdef SSL_TXT_SSLV3
 #define TLS_PROTOCOL_SSLv3	(1<<1)	/* SSLv3 */
+#else
+#define SSL_TXT_SSLV3		"SSLv3"
+#define TLS_PROTOCOL_SSLv3	0	/* Unknown */
+#undef  SSL_OP_NO_SSLv3
+#define SSL_OP_NO_SSLv3		0L	/* Noop */
+#endif
+
+#ifdef SSL_TXT_TLSV1
 #define TLS_PROTOCOL_TLSv1	(1<<2)	/* TLSv1 */
+#else
+#define SSL_TXT_TLSV1		"TLSv1"
+#define TLS_PROTOCOL_TLSv1	0	/* Unknown */
+#undef  SSL_OP_NO_TLSv1
+#define SSL_OP_NO_TLSv1		0L	/* Noop */
+#endif
+
 #ifdef SSL_TXT_TLSV1_1
 #define TLS_PROTOCOL_TLSv1_1	(1<<3)	/* TLSv1_1 */
 #else
+#define SSL_TXT_TLSV1_1		"TLSv1.1"
 #define TLS_PROTOCOL_TLSv1_1	0	/* Unknown */
 #undef  SSL_OP_NO_TLSv1_1
 #define SSL_OP_NO_TLSv1_1	0L	/* Noop */
 #endif
+
 #ifdef SSL_TXT_TLSV1_2
 #define TLS_PROTOCOL_TLSv1_2	(1<<4)	/* TLSv1_2 */
 #else
+#define SSL_TXT_TLSV1_2		"TLSv1.2"
 #define TLS_PROTOCOL_TLSv1_2	0	/* Unknown */
 #undef  SSL_OP_NO_TLSv1_2
 #define SSL_OP_NO_TLSv1_2	0L	/* Noop */
 #endif
-#define TLS_KNOWN_PROTOCOLS \
+
+#define TLS_KNOWN_PROTOCOLS	\
 	( TLS_PROTOCOL_SSLv2 | TLS_PROTOCOL_SSLv3 | TLS_PROTOCOL_TLSv1 \
 	   | TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2 )
 #define TLS_SSL_OP_PROTOMASK(m) \
diff --git a/postfix/src/tls/tls_misc.c b/postfix/src/tls/tls_misc.c
index 65addd2ed..6450316ec 100644
--- a/postfix/src/tls/tls_misc.c
+++ b/postfix/src/tls/tls_misc.c
@@ -250,12 +250,8 @@ static const NAME_CODE protocol_table[] = {
     SSL_TXT_SSLV2, TLS_PROTOCOL_SSLv2,
     SSL_TXT_SSLV3, TLS_PROTOCOL_SSLv3,
     SSL_TXT_TLSV1, TLS_PROTOCOL_TLSv1,
-#ifdef SSL_TXT_TLSV1_1
     SSL_TXT_TLSV1_1, TLS_PROTOCOL_TLSv1_1,
-#endif
-#ifdef SSL_TXT_TLSV1_2
     SSL_TXT_TLSV1_2, TLS_PROTOCOL_TLSv1_2,
-#endif
     0, TLS_PROTOCOL_INVALID,
 };