30ddbfff99
Resolves: #1895629, #1900827, CVE-2020-28896
33 lines
1.1 KiB
Diff
33 lines
1.1 KiB
Diff
diff -ur mutt-1.9.0.orig/init.h mutt-1.9.0/init.h
|
|
--- mutt-1.9.0.orig/init.h 2017-09-04 16:48:21.409528002 +0200
|
|
+++ mutt-1.9.0/init.h 2017-09-04 16:49:26.505093636 +0200
|
|
@@ -3510,7 +3510,7 @@
|
|
*/
|
|
# endif /* defined HAVE_SSL_PARTIAL_CHAIN */
|
|
# endif /* defined USE_SSL_OPENSSL */
|
|
- { "ssl_ciphers", DT_STR, R_NONE, {.p=&SslCiphers}, {.p=0} },
|
|
+ { "ssl_ciphers", DT_STR, R_NONE, {.p=&SslCiphers}, {.p="@SYSTEM"} },
|
|
/*
|
|
** .pp
|
|
** Contains a colon-separated list of ciphers to use when using SSL.
|
|
diff -ur mutt-1.9.0.orig/mutt_ssl_gnutls.c mutt-1.9.0/mutt_ssl_gnutls.c
|
|
--- mutt-1.9.0.orig/mutt_ssl_gnutls.c 2017-09-04 16:48:21.403528134 +0200
|
|
+++ mutt-1.9.0/mutt_ssl_gnutls.c 2017-09-04 16:51:16.081679141 +0200
|
|
@@ -286,6 +286,8 @@
|
|
else
|
|
mutt_buffer_strcpy (priority, "NORMAL");
|
|
|
|
+if (SslCiphers && strcmp(SslCiphers, "@SYSTEM"))
|
|
+{
|
|
if (!option (OPTTLSV1_3))
|
|
{
|
|
nproto--;
|
|
@@ -313,6 +315,7 @@
|
|
mutt_error (_("All available protocols for TLS/SSL connection disabled"));
|
|
goto cleanup;
|
|
}
|
|
+}
|
|
|
|
if ((err = gnutls_priority_set_direct (data->state, mutt_b2s (priority), NULL)) < 0)
|
|
{
|