net-ftp/pure-ftpd/files/pure-ftpd-1.0.47-disable-TLSv1.3.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21

Temporarily disable TLSv1.3 support

Disable TLSv1.3 until support for it is fixed in pure-ftpd. This is a
workaround for the following issue:
https://github.com/jedisct1/pure-ftpd/issues/102

--- a/src/tls.c
+++ b/src/tls.c
@@ -301,6 +301,10 @@ int tls_init_library(void)
 # endif
 # ifdef SSL_OP_NO_TLSv1_2
     SSL_CTX_clear_options(tls_ctx, SSL_OP_NO_TLSv1_2);
+# endif
+    /* Disable TLSv1.3 support until it works properly in pure-ftpd */
+# ifdef SSL_OP_NO_TLSv1_3
+    SSL_CTX_set_options(tls_ctx, SSL_OP_NO_TLSv1_3);
 # endif
     if (tlsciphersuite != NULL) {
         if (SSL_CTX_set_cipher_list(tls_ctx, tlsciphersuite) != 1) {
-- 
2.20.1