Open bllfr0g opened 6 years ago
Hmm, is this still the case?
You should change dlib/src/dnet.c line 175 to
sd->ctx = SSL_CTX_new(SSLv23_client_method());
SSL_CTX_set_options(sd->ctx, SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3);
This allows all TLS ciphers, but excludes SSLv2 and SSLv3.
With the TLS option, email supports only TLSv1.0, which is either obsolete, or rapidly becoming obsolete, depending on your point of view.
Looks like in dlib, around line 175 of dnet.c, is where TLSv1.0 is hardcoded in.
Would be awesome if instead you tried, in priority order, TLSv1.2, TLSv1.1, TLSv1.0.