aboutsummaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2020-12-17 17:38:17 +0100
committerGuilhem Moulin <guilhem@fripost.org>2020-12-17 17:41:30 +0100
commit57988c83bb4b3f1780f045880ac4a8f36a51c55c (patch)
treed456a8526a72381f320864df6009cdaed07951fc /lib
parent1a19feb7a4b3d70f44e4e1fb0f9920b063842422 (diff)
libinterimap: new option SSL_ciphersuites to set the TLSv1.3 ciphersuites.
Also, clarify that SSL_cipherlist only applies to TLSv1.2 and below. See SSL_CTX_set_cipher_list(3ssl).
Diffstat (limited to 'lib')
-rw-r--r--lib/Net/IMAP/InterIMAP.pm4
1 files changed, 4 insertions, 0 deletions
diff --git a/lib/Net/IMAP/InterIMAP.pm b/lib/Net/IMAP/InterIMAP.pm
index 856c5c8..09f510f 100644
--- a/lib/Net/IMAP/InterIMAP.pm
+++ b/lib/Net/IMAP/InterIMAP.pm
@@ -67,6 +67,7 @@ my %OPTIONS = (
SSL_protocol_max => qr/\A(\P{Control}+)\z/,
SSL_fingerprint => qr/\A((?:[A-Za-z0-9]+\$)?\p{AHex}+(?: (?:[A-Za-z0-9]+\$)?\p{AHex}+)*)\z/,
SSL_cipherlist => qr/\A(\P{Control}+)\z/,
+ SSL_ciphersuites => qr/\A(\P{Control}*)\z/, # "an empty list is permissible"
SSL_hostname => qr/\A(\P{Control}*)\z/,
SSL_verify => qr/\A(YES|NO)\z/i,
SSL_CApath => qr/\A(\P{Control}+)\z/,
@@ -1766,6 +1767,9 @@ sub _start_ssl($$) {
if (defined (my $str = $self->{SSL_cipherlist})) {
$self->_ssl_error("SSL_CTX_set_cipher_list()") unless Net::SSLeay::CTX_set_cipher_list($ctx, $str) == 1;
}
+ if (defined (my $str = $self->{SSL_ciphersuites})) {
+ $self->_ssl_error("SSL_CTX_set_ciphersuites()") unless Net::SSLeay::CTX_set_ciphersuites($ctx, $str) == 1;
+ }
my $vpm = Net::SSLeay::X509_VERIFY_PARAM_new() or $self->_ssl_error("X509_VERIFY_PARAM_new()");
my $purpose = Net::SSLeay::X509_PURPOSE_SSL_SERVER();