TLS-Version supported
It looks like piler smtp-server only supports TLS1.0. Is there a possibility to add support for TLS1.2 and later TLS1.3?
Thanks in advance.
Comments (6)
-
repo owner -
repo owner Hold it! What openssl version do you have? What Linux distro do you have?
-
reporter OpenSSL 1.0.2g on Ubuntu 16.04.6 LTS (GNU/Linux 4.15.0-1050-azure x86_64), thanks for your investigation
-
repo owner Well, that version of openssl doesn’t ship a generic TLS version that’s able to negotiate the strongest possible encryption, so that’s why I chose a conservative and hopefully generic enough TLS v1.0. If you think you can move up to v1.2, then fix both src/smtp.c and src/misc.c and use TLSv1_2_server_method and TLSv1_2_client_method. Unfortunately openssl 1.0.x does not support TLS v1.3.
-
reporter Thanks, I’ve upgraded OS, openssl version to 1.1.1 and piler to 1.3.5 incl. database/tables to utf8mb4_unicode_ci, so everything works like a charm, without patching.
-
repo owner - changed status to closed
- Log in to comment
There’s a typo in src/smtp.c specifying
TLSv1_server_method
for openssl 1.0.x. Fix it toTLS_server_method
just as it is 2 lines below, recompile, and you should be fine. I’ll make the patch soon.