search for: ssl_ctrl_set_ecdh_auto

Hi, the actual OpenSSL version detection in dovecot is insufficient. The implementation only checks for SSL_CTRL_SET_ECDH_AUTO. That was effective for OpenSSL 1.0.2, but in 1.1.0 it is removed. Thats the code part: #ifdef SSL_CTRL_SET_ECDH_AUTO /* OpenSSL >= 1.0.2 automatically handles ECDH temporary key parameter selection. */ SSL_CTX_set_ecdh_auto(ssl_ctx, 1); #else /* For OpenSSL &...

...vecot's code check for the openssl version and libressl's version numbers are higher the compilation fails there. Attached is a patch that will change that checks. Instead of checking for the version number it checks for the availability of the feature itself (by checking for the define of SSL_CTRL_SET_ECDH_AUTO). This should make this check more robust and work independently of the version number of the used openssl instance. cu, -- Hanno B?ck http://hboeck.de/ mail/jabber: hanno at hboeck.de GPG: BBB51E42 -------------- next part -------------- A non-text attachment was scrubbed... Name: dovecot-ecdh-...