tentative patch below. All SSLV2 ciphersuites are enabled by default, so
I do not go on calling SSL_CipherPrefSetDefault() on them. For
simplicity, we could.
--- camel.c 2007-01-03 08:56:19.000000000 -0600
+++ camel.c.new 2007-02-05 17:19:20.000000000 -0600
@@ -90,6 +90,7 @@
#ifdef HAVE_NSS
if (nss_init) {
char *nss_configdir;
+ PRUint16 indx;
PR_Init (PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 10);
@@ -108,6 +109,11 @@
}
NSS_SetDomesticPolicy ();
+ /* we must enable all ciphersuites */
+ for (indx = 0; indx < SSL_NumImplementedCiphers; indx++) {
+ if (!SSL_IS_SSL2_CIPHER(SSL_ImplementedCiphers[indx]))
+ SSL_CipherPrefSetDefault
(SSL_ImplementedCiphers[indx], PR_TRUE);
+ }
SSL_OptionSetDefault (SSL_ENABLE_SSL2, PR_TRUE);
SSL_OptionSetDefault (SSL_ENABLE_SSL3, PR_TRUE);
--
Evolution uses weak encryption for SSL/TLS
https://launchpad.net/bugs/82515
--
desktop-bugs mailing list
desktop-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
